GHSA-CJG2-2FJG-FPH4

Vulnerability from github – Published: 2022-01-14 21:03 – Updated: 2024-10-24 21:50
VLAI?
Summary
Integer underflow in Frontier
Details

Impact

A bug in Frontier's MODEXP precompile implementation can cause an integer underflow in certain conditions. This will cause a node crash for debug builds. For release builds (and production WebAssembly binaries), the impact is limited as it can only cause a normal EVM out-of-gas. It is recommended that you apply the patch as soon as possible.

If you do not use MODEXP precompile in your runtime, then you are not impacted.

Patches

Patches are applied in PR #549.

Workarounds

None.

References

Patch PR: #549

Credits

Thanks to SR-Labs for discovering the security vulnerability, and thanks to PureStake team for the patches.

For more information

If you have any questions or comments about this advisory: * Open an issue in the Frontier repo

Show details on source website
To clipboard 

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "pallet-evm-precompile-modexp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-21685"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-01-14T19:58:51Z",
    "nvd_published_at": "2022-01-14T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nA bug in Frontier\u0027s MODEXP precompile implementation can cause an integer underflow in certain conditions. This will cause a node crash for debug builds. For release builds (and production WebAssembly binaries), the impact is limited as it can only cause a normal EVM out-of-gas. It is recommended that you apply the patch as soon as possible.\n\nIf you do not use MODEXP precompile in your runtime, then you are not impacted.\n\n### Patches\n\nPatches are applied in PR #549.\n\n### Workarounds\n\nNone.\n\n### References\n\nPatch PR: #549\n\n### Credits\n\nThanks to SR-Labs for discovering the security vulnerability, and thanks to PureStake team for the patches.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Open an issue in the [Frontier repo](https://github.com/paritytech/frontier)\n",
  "id": "GHSA-cjg2-2fjg-fph4",
  "modified": "2024-10-24T21:50:43Z",
  "published": "2022-01-14T21:03:36Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/paritytech/frontier/security/advisories/GHSA-cjg2-2fjg-fph4"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21685"
    },
    {
      "type": "WEB",
      "url": "https://github.com/paritytech/frontier/pull/549"
    },
    {
      "type": "WEB",
      "url": "https://github.com/paritytech/frontier/commit/8a93fdc6c9f4eb1d2f2a11b7ff1d12d70bf5a664"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/paritytech/frontier"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Integer underflow in Frontier"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.