Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Stack Overflow vulnerability was discovered in the TON Virtual Machine (TVM) before v2024.10. The vulnerability stems from the improper handling of vmstate and continuation jump instructions, which allow for continuous dynamic tail calls. An attacker can exploit this by crafting a smart contract with deeply nested jump logic. Even within permissible gas limits, this nested execution exhausts the host process's stack space, causing the validator node to crash. This results in a Denial of Service (DoS) for the TON blockchain network.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TON 安全漏洞
Vulnerability Description
TON是TON开源的一个区块链软件。 TON v2024.10之前版本存在安全漏洞,该漏洞源于对vmstate和continuation jump指令处理不当,可能导致攻击者通过特制智能合约造成堆栈溢出。
CVSS Information
N/A
Vulnerability Type
N/A