- Reported
-
- Issued
-
- Package
-
evm-core
(crates.io)
- Type
-
Vulnerability
- Categories
-
- Details
-
https://github.com/rust-blockchain/evm
- Patched
-
>=0.26.1
^0.25.1
^0.24.1
^0.23.1
^0.21.1
Description
Prior to the patch, when executing specific EVM opcodes related
to memory operations that use evm_core::Memory::copy_large
, the
crate can over-allocate memory when it is not needed, making it
possible for an attacker to perform denial-of-service attack.
The flaw was corrected in commit 19ade85
.