GHSA-jm5c-rv3w-w83m
Suggest an improvement- Source
- https://github.com/advisories/GHSA-jm5c-rv3w-w83m
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/06/GHSA-jm5c-rv3w-w83m/GHSA-jm5c-rv3w-w83m.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-jm5c-rv3w-w83m
- Aliases
- Related
- Published
- 2021-06-29T21:13:20Z
- Modified
- 2025-01-30T14:38:53Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Denial of service in geth
- Details
-
Impact
Denial-of-service (crash) during block processing
Details
Affected versions suffer from a vulnerability which can be exploited through the
MULMODoperation, by specifying a modulo of0:mulmod(a,b,0), causing apanicin the underlying library. The crash was in theuint256library, where a buffer underflowed.if `d == 0`, `dLen` remains `0`and https://github.com/holiman/uint256/blob/4ce82e695c10ddad57215bdbeafb68b8c5df2c30/uint256.go#L451 will try to access index
[-1].The
uint256library was first merged in this commit, on 2020-06-08. Exploiting this vulnerabilty would cause all vulnerable nodes to drop off the network.The issue was brought to our attention through a bug report, showing a
panicoccurring on sync from genesis on the Ropsten network.It was estimated that the least obvious way to fix this would be to merge the fix into
uint256, make a new release of that library and then update the geth-dependency.- https://github.com/holiman/uint256/releases/tag/v1.1.1 was made the same day,
- PR to address the issue: https://github.com/holiman/uint256/pull/80
- PR to update geth deps: https://github.com/ethereum/go-ethereum/pull/21368
Patches
Upgrade to v1.9.18 or higher
Workarounds
Not at this time
References
https://blog.ethereum.org/2020/11/12/gethsecurityrelease/
For more information
If you have any questions or comments about this advisory: * Open an issue in go-ethereum * Email us at security@ethereum.org
- Database specific
{ "nvd_published_at": null, "cwe_ids": [ "CWE-125", "CWE-191", "CWE-400" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2021-05-21T21:50:44Z" }- References
-
- https://github.com/ethereum/go-ethereum/security/advisories/GHSA-jm5c-rv3w-w83m
- https://nvd.nist.gov/vuln/detail/CVE-2020-26242
- https://github.com/holiman/uint256/pull/80
- https://github.com/ethereum/go-ethereum/commit/7163a6664ee664df81b9028ab3ba13b9d65a7196
- https://github.com/holiman/uint256/commit/6785da6e3eea403260a5760029e722aa4ff1716d
- https://blog.ethereum.org/2020/11/12/geth_security_release
- https://github.com/ethereum/go-ethereum
- https://pkg.go.dev/vuln/GO-2021-0103
Affected packages
Go / github.com/ethereum/go-ethereum
Package
- Name
- github.com/ethereum/go-ethereum
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/ethereum/go-ethereum
Go / github.com/holiman/uint256
Package
- Name
- github.com/holiman/uint256
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/holiman/uint256