EUVD-2021-2079

Malware in sbrugna...

CVE-2021-39193

Frontier is Substrate's Ethereum compatibility layer. Prior to commit number 0b962f218f0cdd796dadfe26c3f09e68f7861b26, a bug in pallet-ethereum can cause invalid transactions to be included in the Ethereum block state in pallet-ethereum due to not validating the input data size. Any invalid...

CVE-2021-41138

Frontier is Substrate's Ethereum compatibility layer. In the newly introduced signed Frontier-specific extrinsic for pallet-ethereum, a large part of transaction validation logic was only called in transaction pool validation, but not in block execution. Malicious validators can take advantage of...

CVE-2021-41138

CVE-2021-41138 concerns Frontier, Substrate’s Ethereum compatibility layer. A signed Frontier-specific extrinsic for pallet-ethereum caused many validation checks to run only during transaction pool validation, not during block execution, allowing malicious validators to include invalid transacti...

Frontier 输入验证错误漏洞

Frontier is an EtherCompatible layer for Substrate. It is used to run unmodified ethereum dapps. Frontier suffers from an input validation error vulnerability, which stems from the fact that a large portion of the transaction validation logic in the recently introduced signed Frontier-specific...

CVE-2021-39193

CVE-2021-39193 concerns Frontier’s Ethereum compatibility layer (Frontier) and specifically a bug in the Substrate pallet-ethereum. Before commit 0b962f218f0cdd796dadfe26c3f09e68f7861b26, input data size validation was faulty, which could allow invalid transactions to be included in the Ethereum ...

CVE-2021-39193 Transaction validity oversight in pallet-ethereum

Frontier is Substrate's Ethereum compatibility layer. Prior to commit number 0b962f218f0cdd796dadfe26c3f09e68f7861b26, a bug in pallet-ethereum can cause invalid transactions to be included in the Ethereum block state in pallet-ethereum due to not validating the input data size. Any invalid...

Github Frontier 输入验证错误漏洞

Github Frontier is an ethereum-compatible layer for Substrate. It allows you to run unmodified Ether dapps. An input validation error vulnerability exists in Frontier, which stems from the program failing to validate the size of input data, and an error in "pallet-ethereum" could result in an...

Transaction validity oversight in pallet-ethereum

Impact A bug in pallet-ethereum can cause invalid transactions to be included in the Ethereum block state in pallet-ethereum due to not validating the input data size. Any invalid transactions included this way have no possibility to alter the internal Ethereum or Substrate state. The transaction...

GHSA-HW4V-5X4H-C3XM Transaction validity oversight in pallet-ethereum

Impact A bug in pallet-ethereum can cause invalid transactions to be included in the Ethereum block state in pallet-ethereum due to not validating the input data size. Any invalid transactions included this way have no possibility to alter the internal Ethereum or Substrate state. The transaction...

PT-2021-22448 · Frontier +3 · Frontier +3

Name of the Vulnerable Software and Affected Versions: Frontier versions prior to commit 0b962f218f0cdd796dadfe26c3f09e68f7861b26 Description: A bug in pallet-ethereum can cause invalid transactions to be included in the Ethereum block state due to not validating the input data size. Any invalid...