OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5c278e8dde28d3467ec829aaaea5d14fb6bcc2a
advisory-db/crates/evm-core/RUSTSEC-2021-0066.md
Wei Tang 7e4cbf6107 evm-core: fix crate name (#911)
2021-05-11 18:59:58 -07:00

617 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2021-0066"
package = "evm-core"
date = "2021-05-11"
url = "https://github.com/rust-blockchain/evm"
categories = ["denial-of-service"]

[versions]
patched = [">= 0.26.1", "0.25.1", "0.24.1", "0.23.1", "0.21.1"]

Denial of service on EVM execution due to memory over-allocation

Prior to the patch, when executing specific EVM opcodes related to memory operations that use evm_core::Memory::copy_large, the crate can over-allocate memory when it is not needed, making it possible for an attacker to perform denial-of-service attack.

The flaw was corrected in commit 19ade85.