PT-2025-7249 · Unknown · Orml Rewards

Published: 2025-02-14 · Updated: 2025-02-14

CVSS v4.0: 8.8 (High)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions: ORML Rewards pallet versions prior to the fixed version
Description: A vulnerability in the add_share function can lead to an uncaught Rust panic when handling user-provided input that exceeds the u128 range. The issue affects any Substrate-based chain using ORML Rewards in which add_share accepts unvalidated large u128 inputs. add_share performs arithmetic on the user-supplied add_amount value of type T::Share (mapped to u128 in Acala); if add_amount is large enough, the intermediate result may overflow and panic on the cast back to u128. A malicious user submitting a specially crafted extrinsic can trigger the panic in the runtime, resulting in denial of service: the node process crashes and may produce invalid blocks.
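As an added illustration, not code from the ORML project or from this advisory, the following Rust models the share-accounting step the description refers to, side by side in its panicking and its checked form. The names Pool, ArithmeticError, reward_inflation, add_share_unchecked and add_share_checked are this example's own; the widening and narrowing cast the advisory describes is collapsed here into a single checked multiplication, with expect standing in for the panicking cast.

```rust
/// Pool state as this example models it (not the pallet's own struct):
/// total shares outstanding and total reward attributed to them, both u128
/// to match the advisory's note that T::Share maps to u128 in Acala.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Pool {
    pub total_shares: u128,
    pub total_reward: u128,
}

/// Error surfaced to the caller instead of a panic. In a real pallet this
/// would map onto sp_runtime's ArithmeticError / DispatchError.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum ArithmeticError {
    Overflow,
}

/// Reward credited to `add_amount` new shares so that existing holders are
/// not diluted: add_amount * total_reward / total_shares. The product is the
/// point where an attacker-chosen add_amount overflows the integer type.
fn reward_inflation(pool: &Pool, add_amount: u128) -> Option<u128> {
    if pool.total_shares == 0 {
        return Some(0);
    }
    // checked_mul returns None on overflow; the division is safe because
    // total_shares was just checked to be non-zero.
    add_amount
        .checked_mul(pool.total_reward)
        .map(|product| product / pool.total_shares)
}

/// Vulnerable pattern: the overflow is unwrapped with `expect`, so an
/// extrinsic carrying an oversized add_amount panics inside the runtime.
/// (`expect` stands in for the panicking narrowing cast the advisory
/// describes; the arithmetic shape is the same. Modelling assumption.)
pub fn add_share_unchecked(pool: &mut Pool, add_amount: u128) {
    if add_amount == 0 {
        return;
    }
    let inflation =
        reward_inflation(pool, add_amount).expect("reward inflation overflowed u128");
    pool.total_shares += add_amount;
    pool.total_reward += inflation;
}

/// Hardened pattern: every operation is checked and failure is returned as
/// an error, so the extrinsic fails with no state change and the node keeps
/// producing blocks. Returns the inflation credited on success.
pub fn add_share_checked(pool: &mut Pool, add_amount: u128) -> Result<u128, ArithmeticError> {
    if add_amount == 0 {
        return Ok(0);
    }
    let inflation = reward_inflation(pool, add_amount).ok_or(ArithmeticError::Overflow)?;
    let new_shares = pool
        .total_shares
        .checked_add(add_amount)
        .ok_or(ArithmeticError::Overflow)?;
    let new_reward = pool
        .total_reward
        .checked_add(inflation)
        .ok_or(ArithmeticError::Overflow)?;
    // Only commit once every computation has succeeded.
    pool.total_shares = new_shares;
    pool.total_reward = new_reward;
    Ok(inflation)
}

fn main() {
    // Constructed sample pool: 1,000 shares carrying 500 units of reward.
    let mut pool = Pool { total_shares: 1_000, total_reward: 500 };
    println!("{:?}", add_share_checked(&mut pool, 100)); // Ok(50)
    println!("{:?}", add_share_checked(&mut pool, u128::MAX)); // Err(Overflow)
    println!("{:?}", pool);
}
```

The checked variant is the shape a reviewer should expect in any runtime code path fed by extrinsic arguments: compute every intermediate with checked_* operations, propagate failure as an error the dispatcher can reject, and only write storage after all arithmetic has succeeded.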
Recommendations: For ORML Rewards pallet versions prior to the fixed version, update to a version that includes the fix, such as the 1.0.1 patch release or later. As a temporary workaround, consider disabling the add_share function until a patch is available. Restrict access to the rewards/src/lib.rs component to minimize the risk of exploitation. Avoid using the add_amount variable in the affected add_share function until the issue is resolved.

Related Identifiers: GHSA-5V93-9MQW-P9MH

Affected Products: Orml Rewards