Practicalswift

Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions prior to 0.21.0 Description: The issue arises from an integer overflow when calculating the time offset for newly connecting peers, combined with an abs64 logic bug. This can lead to a network split. Recommendations: For versions prior to 0.21.0, update to version 0.21.0 or later to resolve the issue. As a temporary workaround, consider restricting the connection of new peers to minimize the risk of a network split.

**Name of the Vulnerable Software and Affected Versions** UniValue versions prior to 1.0.5 **Description** The issue allows attackers to cause a denial of service by putting the class internal data into an inconsistent state via input data that triggers an error. This occurs in the `UniValue::read()` function. **Recommendations** For versions prior to 1.0.5, update to version 1.0.5 or later to resolve the issue. As a temporary workaround, consider validating input data to prevent it from triggering errors in the `UniValue::read()` function.

**Name of the Vulnerable Software and Affected Versions** libXfont versions prior to 1.4.7 libpciaccess0 (affected versions not specified) xorg-x11-devel (affected versions not specified) xorg-x11-libs (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in the libXfont package, which can lead to a breach of confidentiality, integrity, and availability of protected information. The vulnerabilities can be exploited remotely. **Recommendations** For libXfont versions prior to 1.4.7, update to version 1.4.7 or later. For libpciaccess0, there is no information about a newer version that contains a fix for this vulnerability. For xorg-x11-devel, there is no information about a newer version that contains a fix for this vulnerability. For xorg-x11-libs, there is no information about a newer version that contains a fix for this vulnerability.