SUSE CVE-2025-59942

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.6 and below, go-f3 panics when it validates a "poison" messages causing Filecoin nodes consuming F3 messages to become vulnerable. A "poison" message can can cause integer overflow in the signer index validation,...

CVE-2025-59942

The CVE-2025-59942 entry affects the go-f3 module (Golang implementation of Fast Finality for Filecoin). The vulnerability is an integer overflow in signer index validation that occurs when processing a crafted “poison” message, causing a panic and potential node crash. Affected are go-f3 version...

CVE-2025-59942 go-f3 module vulnerable to integer overflow leading to panic

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.6 and below, go-f3 panics when it validates a "poison" messages causing Filecoin nodes consuming F3 messages to become vulnerable. A "poison" message can can cause integer overflow in the signer index validation,...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound when it validates a "poison" message. An attacker can cause a node to crash by sending specially crafted messages that trigger an integer overflow, resulting in a panic. Remediation Upgrade...

PT-2025-39917

Name of the Vulnerable Software and Affected Versions go-f3 versions 0.8.6 and earlier Description go-f3 is a Golang implementation of Fast Finality for Filecoin F3. Versions 0.8.6 and below experience a panic when validating specific "poison" messages. These messages can trigger an integer...