Jy

**Name of the Vulnerable Software and Affected Versions** RELIC versions before commit 34580d840469361ba9b5f001361cad659687b9ab **Description** The issue allows attackers to execute arbitrary code, cause a denial of service, and escalate privileges when calling the `realloc` function in the `bn grow` function. **Recommendations** For versions before commit 34580d840469361ba9b5f001361cad659687b9ab, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting the use of the `bn grow` function until a patch is available. Avoid using the `realloc` function in the `bn grow` function until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** RELIC versions before commit 421f2e91cf2ba42473d4d54daf24e295679e290e **Description** The issue allows attackers to execute arbitrary code and cause a denial of service. This is due to an integer overflow vulnerability in the `bn get prime` function, specifically in the `pos` argument. **Recommendations** For versions before commit 421f2e91cf2ba42473d4d54daf24e295679e290e, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting the use of the `bn get prime` function until a patch is available.