CVE-2022-40769

Source
https://cve.org/CVERecord?id=CVE-2022-40769
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-40769.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-40769
Published
2022-09-18T16:01:08Z
Modified
2026-07-09T06:01:46.241318Z
Summary
[none]
Details

profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/40xxx/CVE-2022-40769.json",
    "cna_assigner": "mitre"
}
References

Affected packages

Git / github.com/johguse/profanity

Affected ranges

Type
GIT
Repo
https://github.com/johguse/profanity
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "cpe": "cpe:2.3:a:profanity_project:profanity:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.60"
        },
        {
            "last_affected": "1.60"
        }
    ],
    "source": [
        "DESCRIPTION",
        "CPE_RANGE"
    ]
}

Affected versions

v1.*
v1.0
v1.1
v1.11
v1.12
v1.2
v1.21
v1.22
v1.3
v1.31
v1.4
v1.50

Database specific

vanir_signatures
[
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "335653004125579727361909521583037682761",
                "311482898943491207032871869398135283951",
                "137739608384132628283623628429958562105",
                "278071674560827812021299947126638175853",
                "259946597086722551199272541397494173355",
                "318902216411399292229207906306965567427",
                "278764409281609167152726528468827208646",
                "331278226160300765570076318712786322155",
                "132689319566273043415048501793258129128",
                "45427195988141541511236882309774713905",
                "323839747872209976362525898298426142735",
                "174234455823546615322928600746770523665",
                "74737338088607167957446984168002590365",
                "56454326804197721767231139214249316576",
                "314037825821763149979635030504352355527",
                "8544468287428654008031504924511431551",
                "264731206887473933071413980606380791370"
            ]
        },
        "target": {
            "file": "Dispatcher.hpp"
        },
        "id": "CVE-2022-40769-0d06e3f2",
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
        "deprecated": false
    },
    {
        "digest": {
            "function_hash": "40700540793381116661358800051364592008",
            "length": 1656.0
        },
        "target": {
            "function": "Dispatcher::initBegin",
            "file": "Dispatcher.cpp"
        },
        "id": "CVE-2022-40769-0eb9b86a",
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
        "deprecated": false
    },
    {
        "digest": {
            "function_hash": "125522956173111395869378250304266447134",
            "length": 592.0
        },
        "target": {
            "function": "Dispatcher::onEvent",
            "file": "Dispatcher.cpp"
        },
        "id": "CVE-2022-40769-2aacbe9c",
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
        "deprecated": false
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "229429070403753869520336598756028695416",
                "317722874171969280148707390817702991472",
                "175742555053086738064520918892541319635",
                "126681243252968052628384997076175012451",
                "313164911110104434772140287596456484565",
                "334560537950424089764477743746445842476",
                "162883311999151176025329287951508872296",
                "203437997028521354937296151814470689256",
                "150944661205962686518814511509102791415",
                "190838076893154117805155540709215556902",
                "152204552019544659330601628661067460782",
                "18300060505647202050042721968543518739",
                "268020046929094918929919870032514790276",
                "163312471417396922505891248165027082407",
                "259615065894319263283738645855856386581",
                "206488196871809245535130362519919033989",
                "63318331295419976650323028330971960520",
                "127999889231098819982353190825474074551",
                "78765847272912592359471210840386488859",
                "217654238362410393426077490113516869470",
                "190908863416180397551641431826828575498",
                "323306367904102798318770599112300673224",
                "241415698444591556178456414068124804607",
                "259488421585268079658853640563122087284",
                "220476204097687923798807655076218228022",
                "109530843889318024497349278757897224171",
                "311874730584353549137731011848772463415",
                "221164557121446593222021323515561859276",
                "198302279820889518990074500168551297974",
                "267209063905201880625078485712367949606",
                "26877038630028942765458487832920963887",
                "142896269812521314779799500300052216393",
                "185845632080402751804630699168015791331",
                "261062007920270832021301244854679199669",
                "143015482972774597917274466573201313304",
                "301052535267067022898182864761582566908",
                "222844022248910071375562520807212942602",
                "62404496069244966002893989027164326554",
                "156919150340417496846930266608564716561",
                "272922549834024161063920238274353533935",
                "110189677317991468744622262183744527614",
                "219366473596757673397382730149207374694",
                "13794894341898863372085945911898362051",
                "308199277357253668444020106155638103737",
                "65441086983644355250724992598833857231",
                "92459386977881611936695201547034526875",
                "256297623389755699437276189869534667991",
                "1860733805697629023551505238303159556",
                "160015488594996146385078725160655073393",
                "141224078672408286568208031028757028201",
                "180357577247216218417645142225151899638",
                "99637510364442156177228881931611209663",
                "200534918495052722640743938053453640059",
                "290852471142157404643568053683591981643",
                "114645550883763787241258644020232110198",
                "278859414165576429953159106265816254460",
                "93611591220895066012192055778395381518",
                "209893846760305076241948948777239757089",
                "178090542395311496234181229538854017183",
                "277322779006511466675457139877515854483",
                "155015821191886968963895158538742366899",
                "181327179493986888934596319686437756848",
                "73714616916644733502024094324995648389",
                "104209423984360332152569934171459999563",
                "172031959742022336900708092579064164219",
                "71155841245155578424388489629021102080",
                "292096106630925104641534687293540793334",
                "303020245810626129242448789383383761286",
                "189306886743833478320688446733369526964",
                "198848877490426056022144674945757017365",
                "225921145049220089961558294490058463309",
                "106427871458837428198598627430266409208",
                "324037354733495496156242969560297278205",
                "282808197849078960179385730548000908801",
                "50509637941638622173505197532847970748",
                "30700556599764391197283819223475319137",
                "24715910089255020943525531854150635078",
                "213108484878122208948147697813788969345",
                "327912794942278313139683143064858812923"
            ]
        },
        "target": {
            "file": "Dispatcher.cpp"
        },
        "id": "CVE-2022-40769-4ae62c40",
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
        "deprecated": false
    },
    {
        "digest": {
            "function_hash": "95012158442187386622958557493990876094",
            "length": 1131.0
        },
        "target": {
            "function": "Dispatcher::init",
            "file": "Dispatcher.cpp"
        },
        "id": "CVE-2022-40769-563f32ae",
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
        "deprecated": false
    },
    {
        "digest": {
            "function_hash": "112313715075229863687738086570648394769",
            "length": 1604.0
        },
        "target": {
            "function": "Dispatcher::Device::Device",
            "file": "Dispatcher.cpp"
        },
        "id": "CVE-2022-40769-5e0aa891",
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
        "deprecated": false
    },
    {
        "digest": {
            "function_hash": "162957381259888408761373860055163171004",
            "length": 836.0
        },
        "target": {
            "function": "Dispatcher::initContinue",
            "file": "Dispatcher.cpp"
        },
        "id": "CVE-2022-40769-9919b552",
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
        "deprecated": false
    },
    {
        "digest": {
            "function_hash": "252484899145987245914060764224752620817",
            "length": 293.0
        },
        "target": {
            "function": "getKernelExecutionTimeMillis",
            "file": "Dispatcher.cpp"
        },
        "id": "CVE-2022-40769-b491ee33",
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
        "deprecated": false
    },
    {
        "digest": {
            "function_hash": "161073974858956666727261879480455510964",
            "length": 1082.0
        },
        "target": {
            "function": "Dispatcher::dispatch",
            "file": "Dispatcher.cpp"
        },
        "id": "CVE-2022-40769-d3af8f7c",
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/johguse/profanity/commit/90f2c2186fd390e55241b16a782830082da49b2d",
        "deprecated": false
    }
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-40769.json"
vanir_signatures_modified
"2026-07-09T06:01:46Z"