PT-2025-51613

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where cls bpf classify can modify tc skb cbskb-drop reason, leading to a warning within sk skb reason drop. This occurs due to an incorrect interaction...

FollowNFT storage collision

Lines of code Vulnerability details Impact The lastFollowTokenId of FollowNFT contract has a storage collision. V2.0 storage layout: | lastFollowTokenId | uint128 | 17 | 0 | 16 | contracts/FollowNFT.sol:FollowNFT | | followerCount | uint128 | 17 | 16 | 16 | contracts/FollowNFT.sol:FollowNFT |...

Storage collision risk in NounsDAOProxy contracts

Lines of code Vulnerability details Impact NounsDAOProxy contract may lose tracking its implementation address Proof of Concept One of the main vulnerabilities of upgradeable contracts is storing the implementation address in the beginning slots. This address is later used by proxy for delegateca...

Possiblity of storage collision

Lines of code Vulnerability details Impact There is a possibility of storage collision, when you upgrade the implementation contract in the . This could happen because the storage in the smart contract is stored the storage value from the left to the right, and if you add a new var to the storage...

Unsafe Storage Layout

Lines of code Vulnerability details Potentially lead to storage collision and cause the account to be re-initialized or have ownership transferred. Use upgradeable DiamondStorage for all inherited contracts. --- The text was updated successfully, but these errors were encountered: All reactions...

Storage collision in Collateral.sol

Lines of code Vulnerability details Vulnerability details collateral.sol is an upgradeable contract. Upgradeable contracts should not use the constructor to initialize variables, as these will be set in the contract storage of the implementation contract, instead of the intended contract storage ...

Storage layout collision issue between NounsDAOStorageV1 and NounsDAOStorageV1Adjusted

Lines of code Vulnerability details Impact Since two new variables are added in the contract NounsDAOStorageV1Adjusted at the end of the struct proposal, the memory layout between the NounsDAOStorageV1 and NounsDAOStorageV1Adjusted is colluding. This affects the variable type and values in the...

Storage collision between proxy and logic v2

Lines of code Vulnerability details The lack of using EIP1967 proposal can lead to a storage collision on variables when implementing proxy-implementation pattern. More details can be found here; Impact Since the project implementing proxies with logic and implementation pattern where they share...

Proxy storage collision - contracts might be bricked

Lines of code Vulnerability details The proxy contracts save the implementation variables in the first storage slot see links above. This will lead to storage collusions when the implementation contract tries to read/update the first storage slot. For the implementation contract, the first storag...