pysec-2024-147
Vulnerability from pysec
Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the IR for sha3_64. Concretely, the height variable is miscalculated. The vulnerability can't be triggered without writing the IR by hand (that is, it cannot be triggered from regular vyper code). sha3_64 is used for retrieval in mappings. No flow that would cache the key was found so the issue shouldn't be possible to trigger when compiling the compiler-generated IR. This issue isn't triggered during normal compilation of vyper code so the impact is low. At the time of publication there is no patch available.
| Name | purl |
|---|---|
| vyper | pkg:pypi/vyper |
{ affected: [ { package: { ecosystem: "PyPI", name: "vyper", purl: "pkg:pypi/vyper", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "0.4.0b1", }, ], type: "ECOSYSTEM", }, ], versions: [ "0.1.0b1", "0.1.0b10", "0.1.0b11", "0.1.0b12", "0.1.0b13", "0.1.0b14", "0.1.0b15", "0.1.0b16", "0.1.0b17", "0.1.0b2", "0.1.0b3", "0.1.0b4", "0.1.0b5", "0.1.0b6", "0.1.0b7", "0.1.0b8", "0.1.0b9", "0.2.1", "0.2.10", "0.2.11", "0.2.12", "0.2.13", "0.2.14", "0.2.15", "0.2.16", "0.2.2", "0.2.3", "0.2.4", "0.2.5", "0.2.6", "0.2.7", "0.2.8", "0.2.9", "0.3.0", "0.3.1", "0.3.10", "0.3.10rc1", "0.3.10rc2", "0.3.10rc3", "0.3.10rc4", "0.3.10rc5", "0.3.2", "0.3.3", "0.3.4", "0.3.5", "0.3.6", "0.3.7", "0.3.8", "0.3.9", ], }, ], aliases: [ "CVE-2024-24559", "GHSA-6845-xw22-ffxv", ], details: "Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the `IR` for `sha3_64`. Concretely, the `height` variable is miscalculated. The vulnerability can't be triggered without writing the `IR` by hand (that is, it cannot be triggered from regular vyper code). `sha3_64` is used for retrieval in mappings. No flow that would cache the `key` was found so the issue shouldn't be possible to trigger when compiling the compiler-generated `IR`. This issue isn't triggered during normal compilation of vyper code so the impact is low. At the time of publication there is no patch available.", id: "PYSEC-2024-147", modified: "2024-11-21T14:23:02.864019+00:00", published: "2024-02-05T21:15:00+00:00", references: [ { type: "ADVISORY", url: "https://github.com/vyperlang/vyper/security/advisories/GHSA-6845-xw22-ffxv", }, { type: "WEB", url: "https://github.com/vyperlang/vyper/blob/c150fc49ee9375a930d177044559b83cb95f7963/vyper/ir/compile_ir.py#L585-L586", }, ], severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", type: "CVSS_V3", }, ], }
Log in or create an account to share your comment.
This schema specifies the format of a comment related to a security advisory.
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.