Description
Solana rBPF versions 0.2.26 and 0.2.27 are affected by an Incorrect Calculation vulnerability caused by an improper implementation of the sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to transfer tokens or not. The vulnerability affects integrity and may cause serious availability problems.
References (3)
Core References
Patch, Third Party Advisory x_refsource_misc
https://github.com/solana-labs/rbpf/commit/e61e045f8c244de978401d186dcfd50838817297
Exploit, Third Party Advisory x_refsource_misc
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2022-23066
Exploit, Third Party Advisory x_refsource_misc
https://blocksecteam.medium.com/how-a-critical-bug-in-solana-network-was-detected-and-timely-patched-a701870e1324
Scores
CVSS v3
9.1
EPSS
0.0224
EPSS Percentile
80.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Details
CWE
CWE-682
Status
published
Products (3)
crates.io/solana_rbpf
0.2.26 - 0.2.28 (crates.io)
solana/rbpf
0.2.26
solana/rbpf
0.2.27
Published
May 09, 2022
Tracked Since
Feb 18, 2026