Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Message length overflow in frontier
Vulnerability Description
Frontier is Substrate's Ethereum compatibility layer. A security issue was discovered affecting parsing of the RPC result of the exit reason in case of EVM reversion. In release build, this would cause the exit reason being incorrectly parsed and returned by RPC. In debug build, this would cause an overflow panic. No action is needed unless you have a bridge node that needs to distinguish different reversion exit reasons and you used RPC for this. There are currently no known workarounds.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
Frontier 输入验证错误漏洞
Vulnerability Description
Frontier是一个 Substrate 的以太坊兼容层。用于运行未经修改的以太坊 Dapp。 Frontier 存在输入验证错误漏洞,该漏洞源于在 EVM 恢复的情况下会影响RPC结果的解析。在发布版本中,这将导致退出原因被 RPC错误地解析和返回。在调试版本中,这将导致溢出死机。
CVSS Information
N/A
Vulnerability Type
N/A