PT-2022-19320 · Unknown · Fisco-Bcos

Fcorleone · Published 2022-05-15 · Updated 2022-05-24 · CVE-2022-28936

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

FISCO-BCOS version release-3.0.0-rc2

Description

The issue allows a malicious node to trigger an integer overflow, resulting in a Denial of Service (DoS) via an unusually large viewchange message packet.

Recommendations

For FISCO-BCOS version release-3.0.0-rc2, consider restricting the size of viewchange message packets to prevent unusually large packets from causing an integer overflow and subsequent Denial of Service (DoS).

Fix

Integer Overflow

Weakness Enumeration

Related Identifiers

CVE-2022-28936

Affected Products

Fisco-Bcos