CVE-2021-46102

Source
https://cve.org/CVERecord?id=CVE-2021-46102
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-46102.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-46102
Aliases
Published
2022-01-27T18:15:07.770Z
Modified
2026-03-15T22:42:34.653370Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

In Solana rBPF versions 0.2.14 through 0.2.16, the function "relocate" in the file src/elf.rs has an integer overflow bug because sym.st_value is read directly from the ELF file without being checked. If sym.st_value is large enough, an integer overflow is triggered while calculating the variable "addr" via "addr = (sym.st_value + refd_pa) as u64".
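
The overflow pattern described above next to a checked form, as an added example that is not code from the rbpf repository. The `Sym` struct, the function names, the `u64` operand types and the region bounds are assumptions made for illustration.

```rust
/// Constructed stand-in for an ELF64 symbol entry; only `st_value` matters here.
struct Sym {
    st_value: u64,
}

#[derive(Debug, PartialEq)]
enum RelocError {
    AddressOverflow,
    OutOfBounds,
}

/// Models the unchecked addition from the advisory. `wrapping_add` reproduces
/// what a plain `+` does in a release build; with overflow checks enabled
/// (the default in debug builds) the plain `+` panics instead.
fn addr_unchecked(sym: &Sym, refd_pa: u64) -> u64 {
    sym.st_value.wrapping_add(refd_pa)
}

/// Checked form: reject the overflow, then require the result to fall inside
/// the region being relocated (region_start / region_len are assumed inputs).
fn addr_checked(
    sym: &Sym,
    refd_pa: u64,
    region_start: u64,
    region_len: u64,
) -> Result<u64, RelocError> {
    let addr = sym
        .st_value
        .checked_add(refd_pa)
        .ok_or(RelocError::AddressOverflow)?;
    let region_end = region_start
        .checked_add(region_len)
        .ok_or(RelocError::AddressOverflow)?;
    if addr < region_start || addr >= region_end {
        return Err(RelocError::OutOfBounds);
    }
    Ok(addr)
}

fn main() {
    // Constructed values: a symbol value taken from an untrusted ELF file.
    let untrusted = Sym { st_value: u64::MAX - 0x10 };
    println!("unchecked: {:#x}", addr_unchecked(&untrusted, 0x20));
    println!("checked:   {:?}", addr_checked(&untrusted, 0x20, 0x1_0000_0000, 0x1000));
}
```

The unchecked path either yields a small wrapped address or aborts the process, depending on build settings; the checked path turns the same input into an error the loader can return.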

References

Affected packages

Git / github.com/solana-labs/rbpf

Affected ranges

Type
GIT
Repo
https://github.com/solana-labs/rbpf
Events
Database specific
{
    "versions": [
        {
            "introduced": "0.2.14"
        },
        {
            "last_affected": "0.2.16"
        }
    ]
}

Affected versions

v0.*
v0.2.14
v0.2.15
v0.2.16

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-46102.json"