Lucene search
K

83 matches found

OSV
OSV
added 2026/06/22 8:35 p.m.2 views

GHSA-7CFQ-5MHV-JRP9 Inspektor Gadget: Unprivileged container can crash USDT note parser via crafted ELF (no shipped gadget affected)

Summary A malicious container can crash or destabilize the privileged Inspektor Gadget process when a gadget using USDT probes is deployed. The vulnerability is in the USDT note parser pkg/uprobetracer/usdt.go which is invoked when a gadget with a SEC"usdt/..." section attaches to a target binary...

6.3CVSS6.3AI score
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libbpf

A vulnerability has been discovered in the Linux kernel. It has been identified as problematic. This issue affects the parseusdtarg function in the tools/lib/bpf/usdt.c file of the BPF component. Manipulating the regname argument leads to a memory leak. It is recommended that a patch be applied t...

5.7CVSS5.4AI score0.00419EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2026/04/17 12:0 a.m.12 views

DTrace: Arbitrary file creation via dtprobed

Background DTrace is a dynamic tracing tool for analysing or debugging the whole system. Specifically, dtprobed is a component of the DTrace system that keeps track of USDT probes within running processes, parsing and storing the DOF they provide for later consumption by dtrace proper. Descriptio...

5.5CVSS5.9AI score0.00181EPSS
Exploits0
Securelist
Securelist
added 2026/03/10 10:0 a.m.9 views

BeatBanker: A dual‑mode Android Trojan

Recently, we uncovered BeatBanker, an Android‑based malware campaign targeting Brazil. It spreads primarily through phishing attacks via a website disguised as the Google Play Store. To achieve their goals, the malicious APKs carry multiple components, including a cryptocurrency miner and a banki...

6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/06/03 1:40 p.m.51 views

WhatsApp cryptocurrency scam goes for the cash prize

This weekend a scammer tried his luck by reaching out to me on WhatsApp. It’s not that I don’t appreciate it, but trust me, it’s bad for your business. I received one message from a number hailing from the Togolese Republic. WhatsApp message from an unknow sender “Jay, your financial account has...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/19 9:46 a.m.13 views

Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam

The U.S. Department of Justice DoJ has charged two arrested Chinese nationals for allegedly orchestrating a pig butchering scam that laundered at least $73 million from victims through shell companies. The individuals, Daren Li, 41, and Yicheng Zhang, 38, were arrested in Atlanta and Los Angeles ...

7.4AI score
Exploits0
Code423n4
Code423n4
added 2023/10/11 12:0 a.m.9 views

Some ERC20Votes tokens will not work if you set approve() to any value without setting to zero first

Lines of code Vulnerability details Impact Not setting allowance to Zero before changing the allowance can hinder the deployment of the ERC20ProxyDelegator contract for some ERC20 tokens Proof of Concept Some ERC20 tokens like USDT with Voting enabled will not work when changing the allowance fro...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/10/06 12:0 a.m.8 views

USDT tokens should approve to zero first otherwise it may cause other tokens to get stuck in the case of aprooveMultipleTokens

Lines of code Vulnerability details Impact Unsafe ERC20 approve that do not handle non-standard erc20 behavior. Some token contracts do not return any value. Some token contracts revert the transaction when the allowance is not zero. Proof of Concept When receiving tokens to the destination chain...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/09/14 12:0 a.m.8 views

SafeTransferLib's safeApprove() does not set allowance 0 first which would lead to the escrow encountering issues when dealing with tether's USDT or tokens like it.

Lines of code Vulnerability details Impact Medium... a number of features within the protocol will not work if an approval reverts in the escrow or anywhere else NB: Report mainly focuses on the usage of the SafeTransferLib's safeApprove, but bug is attached to the underlying call made to approve...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/08/14 12:0 a.m.7 views

The vulnerability of the parse_usdt_arg() function in the tools/lib/bpf/usdt.c module of the Linux kernel’s BPF component allows a hacker to induce a service failure.

The vulnerability of the parseusdtarg function in the tools/lib/bpf/usdt.c module of the Linux kernel’s BPF component is related to a memory overflow issue. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...

5.7CVSS5.5AI score0.00419EPSS
Exploits0References8Affected Software2
Code423n4
Code423n4
added 2023/08/04 12:0 a.m.12 views

USDT approval racing can lead to DoS

Lines of code Vulnerability details Impact USDT approval racing can lead to DoS Proof of Concept 2023-07-tapioca/tapioca-periph-audit/contracts/Magnetar/modules/MagnetarMarketModule.solL157 Tools Used Recommended Mitigation Steps Use safeApprove Assessed type call/delegatecall --- The text was...

7AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2023/07/21 7:0 a.m.4 views

Linux Kernel BPF usdt.c parse_usdt_arg memory leak

...

5.7CVSS7.1AI score0.00419EPSS
Exploits0
Code423n4
Code423n4
added 2023/07/05 12:0 a.m.10 views

In MulticallRootRouter.sol, approve function can fail for non standard ERC20 tokens like USDT

Lines of code Vulnerability details Impact Some tokens like USDT do not work when changing the allowance from an existing non-zero allowance value. For example Tether USDT’s approve function will revert if the current approval is not zero, to protect against front-running changes of approvals. Li...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/07 12:0 a.m.9 views

ERC20 approve can fail for some tokens

Lines of code ReaperBaseStrategyv4.solL74 Vulnerability details Summary Some tokens like USDT do not work when changing the allowance from an existing non-zero allowance value. They must first be approved by zero and then the actual allowance must be approved. approve reverts for tokens like USDT...

7.1AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:31 a.m.4 views

SUSE CVE-2022-3533

A vulnerability was found in Linux Kernel. It has been rated as problematic. This issue affects the function parseusdtarg of the file tools/lib/bpf/usdt.c of the component BPF. The manipulation of the argument regname leads to memory leak. It is recommended to apply a patch to fix this issue. The...

4.7CVSS6.6AI score0.00419EPSS
Exploits0References3
Code423n4
Code423n4
added 2023/02/03 12:0 a.m.11 views

_transferFromCaller is not compatible with USDT and similar tokens

Lines of code Vulnerability details transferFromCaller is not compatible with USDT and similar tokens Summary Setting directly typeuint256.max won't work for USDTTether. This is done at both transferFromCaller: NFTDriver.solL289 AddressDriver.solL174 Description Some tokens like USDT do not work...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/01/28 12:0 a.m.15 views

Only one GroupBuy can ever use USDT or similar tokens with front-running approval protections

Lines of code Vulnerability details The issue that is described in code-423n4/2022-12-tessera-findings37 was not mitigated and still applies like it is described there. --- The text was updated successfully, but these errors were encountered: All reactions...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/01/22 12:0 a.m.12 views

Upgraded Q -> M from #658 [1674423084300]

Judge has assessed an item in Issue 658 as M risk. The relevant finding follows: L-04 USDT IS NOT SUPPORTED FOR CALLING Trading.handleDeposit FUNCTION ON ETHEREUM MAINNET As shown by , USDT on the Ethereum mainnet does not allow approving a new amount when the existing approved amount is not zero...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/01/22 12:0 a.m.8 views

Upgraded Q -> M from #164 [1674419095024]

Judge has assessed an item in Issue 164 as M risk. The relevant finding follows: LOW‑1 The Contract Should approve0 First Some tokens like USDT L199 do not work when changing the allowance from an existing non-zero allowance value. They must first be approved by zero and then the actual allowance...

6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.5 views

PT-2023-33879 · Libbpf · Libbpf

Name of the Vulnerable Software and Affected Versions: libbpf versions prior to v6.0.16 Description: A memory leak issue was discovered in the parse usdt arg function. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior to v6.0.16, update to Lin...

7.2AI score
Exploits0References1
Rows per page
Query Builder