A malicious transaction may cause a crash in mempool validation. A transaction with authorization section containing 256 public keys or more with valid matching signatures triggers an integer overflow in signature verification that causes a the node to panic.
Ledger crash. A user is able to initialize a post-genesis validator with a negative commission rate using the –force flag. If this validator gets into the consensus set, then when computing PoS inflation inside fn update_rewards_products_and_mint_inflation, an instance of mul_floor will cause the return of an Err, which causes finalize_block to error.
A malicious transaction may cause an expensive computation in mempool validation. A transaction with multiple repeated sections causes the section hash calculation used for signature validation to grow exponentially (and potentially even cubic) in proportion to number of sections. This may be used to significantly slow down operation of nodes.