SUSE CVE-2025-59942

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.6 and below, go-f3 panics when it validates a "poison" messages causing Filecoin nodes consuming F3 messages to become vulnerable. A "poison" message can can cause integer overflow in the signer index validation,...

CVE-2025-59942 go-f3 module vulnerable to integer overflow leading to panic

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.6 and below, go-f3 panics when it validates a "poison" messages causing Filecoin nodes consuming F3 messages to become vulnerable. A "poison" message can can cause integer overflow in the signer index validation,...

CVE-2025-59942

The CVE-2025-59942 entry affects the go-f3 module (Golang implementation of Fast Finality for Filecoin). The vulnerability is an integer overflow in signer index validation that occurs when processing a crafted “poison” message, causing a panic and potential node crash. Affected are go-f3 version...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound when it validates a "poison" message. An attacker can cause a node to crash by sending specially crafted messages that trigger an integer overflow, resulting in a panic. Remediation Upgrade...

PT-2025-39917

Name of the Vulnerable Software and Affected Versions go-f3 versions 0.8.6 and earlier Description go-f3 is a Golang implementation of Fast Finality for Filecoin F3. Versions 0.8.6 and below experience a panic when validating specific "poison" messages. These messages can trigger an integer...