Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/09/30 11:47 p.m.7 views

CVE-2025-59942

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.6 and below, go-f3 panics when it validates a "poison" messages causing Filecoin nodes consuming F3 messages to become vulnerable. A "poison" message can can cause integer overflow in the signer index validation,...

7.5CVSS7AI score0.00312EPSS
Exploits0References1
NVD
NVD
added 2025/09/29 11:15 p.m.6 views

CVE-2025-59942

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.6 and below, go-f3 panics when it validates a "poison" messages causing Filecoin nodes consuming F3 messages to become vulnerable. A "poison" message can can cause integer overflow in the signer index validation,...

7.5CVSS0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/29 10:50 p.m.2 views

CVE-2025-59942 go-f3 module vulnerable to integer overflow leading to panic

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.6 and below, go-f3 panics when it validates a "poison" messages causing Filecoin nodes consuming F3 messages to become vulnerable. A "poison" message can can cause integer overflow in the signer index validation,...

7.5CVSS6.6AI score0.00312EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/29 10:50 p.m.9 views

CVE-2025-59942 go-f3 module vulnerable to integer overflow leading to panic

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.6 and below, go-f3 panics when it validates a "poison" messages causing Filecoin nodes consuming F3 messages to become vulnerable. A "poison" message can can cause integer overflow in the signer index validation,...

7.5CVSS0.00312EPSS
Exploits0References1
OSV
OSV
added 2025/09/29 8:40 p.m.3 views

GHSA-G99P-47X7-MQ88 go-f3 module vulnerable to integer overflow leading to panic

Impact Filecoin nodes consuming F3 messages are vulnerable. go-f3 panics when it validates a "poison" messages. A "poison" message can can cause integer overflow in the signer index validation. In Lotus' case, the whole node will crash. There is no barrier to entry. An attacker doesn't need any...

7.5CVSS7.2AI score0.00312EPSS
Exploits0References4
Rows per page
Query Builder