4 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: accel/qaic: The integer overflow checks in mapuserpages have been cleaned up. The encodedma function includes some validations for intrans-size. However, it would be clearer to move these checks to findandmapuserpages. encoded...
CVE-2022-38986
The HIPP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause out-of-bounds access to the HIPP module and page table tampering, affecting device confidentiality and availability...
Need to check with quantity also in _beforeTokenTransfers
Lines of code Vulnerability details Impact In Tray.sol, we can see tokenId checking in beforTokenTransfers. In the current code, it assumes that quantity is 1. But we need to take care with bunch transfer. Proof of Concept function beforeTokenTransfers address, / from/ address to, uint256...
Bogus deposits in Pools possible
Lines of code Vulnerability details Impact Bogus deposits in the Pools is possible by calling the function deposit with a malicious ERC20 token that always returns true whenever transferFrom is called. Tools Used Manual Inspection Recommended Mitigation Steps Create a whitelist of allowed ERC20...