Common Weakness Enumeration

CWE-682

Discouraged

Incorrect Calculation

Abstraction: Pillar · Status: Draft

The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

159 vulnerabilities reference this CWE, most recent first.

GHSA-C374-R9P6-QGGQ

Vulnerability from github – Published: 2025-02-07 03:32 – Updated: 2025-02-11 00:31
VLAI
Details

The mstatus register in RSD commit 3d13a updates incorrectly, leading to processing errors.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-25883"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-682"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-06T22:15:37Z",
    "severity": "MODERATE"
  },
  "details": "The mstatus register in RSD commit 3d13a updates incorrectly, leading to processing errors.",
  "id": "GHSA-c374-r9p6-qggq",
  "modified": "2025-02-11T00:31:47Z",
  "published": "2025-02-07T03:32:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25883"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rsd-devel/rsd/issues/75"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C3C6-7G46-49XF

Vulnerability from github – Published: 2022-05-12 00:01 – Updated: 2022-05-20 00:00
VLAI
Details

There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-29978"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-682"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-11T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.",
  "id": "GHSA-c3c6-7g46-49xf",
  "modified": "2022-05-20T00:00:52Z",
  "published": "2022-05-12T00:01:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29978"
    },
    {
      "type": "WEB",
      "url": "https://github.com/saitoha/libsixel/issues/166"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C46P-G2H9-XCVX

Vulnerability from github – Published: 2022-05-13 01:42 – Updated: 2025-04-20 03:43
VLAI
Details

The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-12134"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-682"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-08-24T14:29:00Z",
    "severity": "HIGH"
  },
  "details": "The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.",
  "id": "GHSA-c46p-g2h9-xcvx",
  "modified": "2025-04-20T03:43:46Z",
  "published": "2022-05-13T01:42:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12134"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477656"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201801-14"
    },
    {
      "type": "WEB",
      "url": "https://support.citrix.com/article/CTX225941"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3655-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3655-2"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2017/dsa-3981"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2017/08/15/4"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/100343"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1039176"
    },
    {
      "type": "WEB",
      "url": "http://xenbits.xen.org/xsa/advisory-229.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C57J-PQ55-RH2X

Vulnerability from github – Published: 2022-05-24 19:02 – Updated: 2022-05-24 19:02
VLAI
Details

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs prior to executing them. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-13661.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-31440"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-682"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-21T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs prior to executing them. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-13661.",
  "id": "GHSA-c57j-pq55-rh2x",
  "modified": "2022-05-24T19:02:57Z",
  "published": "2022-05-24T19:02:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31440"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=10bf4e83167cc68595b85fd73bb91e8f2c086e36"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20210706-0003"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-503"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C7PR-343R-5C46

Vulnerability from github – Published: 2021-10-06 17:48 – Updated: 2024-11-18 22:44
VLAI
Summary
missing clamps for decimal args in external functions
Details

Impact

The following code does not properly validate that its input is in bounds.

@external
def foo(x: decimal) -> decimal:
    return x

Patches

0.3.0 / #2447

Workarounds

Don't use decimal args

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "vyper"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.3.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-41122"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-682"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-10-06T13:26:05Z",
    "nvd_published_at": "2021-10-05T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nThe following code does not properly validate that its input is in bounds.\n\n```python\n@external\ndef foo(x: decimal) -\u003e decimal:\n    return x\n```\n\n### Patches\n0.3.0 / #2447\n\n### Workarounds\nDon\u0027t use decimal args\n\n",
  "id": "GHSA-c7pr-343r-5c46",
  "modified": "2024-11-18T22:44:51Z",
  "published": "2021-10-06T17:48:46Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-c7pr-343r-5c46"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41122"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vyperlang/vyper/pull/2447"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/vyper/PYSEC-2021-366.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/vyperlang/vyper"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "missing clamps for decimal args in external functions"
}

GHSA-CPF4-WX82-GXP6

Vulnerability from github – Published: 2021-11-10 18:48 – Updated: 2024-11-13 21:59
VLAI
Summary
Segfault due to negative splits in `SplitV`
Details

Impact

The implementation of SplitV can trigger a segfault is an attacker supplies negative arguments:

import tensorflow as tf

tf.raw_ops.SplitV(
  value=tf.constant([]),
  size_splits=[-1, -2]
  ,axis=0,
  num_split=2)

This occurs whenever size_splits contains more than one value and at least one value is negative.

Patches

We have patched the issue in GitHub commit 25d622ffc432acc736b14ca3904177579e733cc6.

The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Attribution

This vulnerability has been reported by members of the Aivul Team from Qihoo 360.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.6.0"
            },
            {
              "fixed": "2.6.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.5.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.6.0"
            },
            {
              "fixed": "2.6.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.5.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.6.0"
            },
            {
              "fixed": "2.6.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.5.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-41222"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-682"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-11-08T21:59:15Z",
    "nvd_published_at": "2021-11-05T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/e71b86d47f8bc1816bf54d7bddc4170e47670b97/tensorflow/core/kernels/split_v_op.cc#L49-L205) of `SplitV` can trigger a segfault is an attacker supplies negative arguments:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.SplitV(\n  value=tf.constant([]),\n  size_splits=[-1, -2]\n  ,axis=0,\n  num_split=2)\n``` \n  \nThis occurs whenever `size_splits` contains more than one value and at least one value is negative.\n  \n### Patches \nWe have patched the issue in GitHub commit [25d622ffc432acc736b14ca3904177579e733cc6](https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6).\n\nThe fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.",
  "id": "GHSA-cpf4-wx82-gxp6",
  "modified": "2024-11-13T21:59:49Z",
  "published": "2021-11-10T18:48:15Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41222"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-631.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-829.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-414.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tensorflow/tensorflow"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Segfault due to negative splits in `SplitV`"
}

GHSA-CV99-MQP9-MR8M

Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2024-10-21 15:32
VLAI
Details

A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-5462"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-682"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-06-11T21:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
  "id": "GHSA-cv99-mqp9-mr8m",
  "modified": "2024-10-21T15:32:20Z",
  "published": "2022-05-13T01:46:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5462"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1345089"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201705-04"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2017/dsa-3831"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2017/dsa-3872"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2017-10"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2017-11"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2017-12"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2017-13"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/97940"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038320"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CX2Q-HFXR-RJ97

Vulnerability from github – Published: 2023-09-26 19:34 – Updated: 2024-11-19 17:23
VLAI
Summary
Vyper's `_abi_decode` input not validated in complex expressions
Details

Impact

_abi_decode() does not validate input when it is nested in an expression. the following example gets correctly validated (bounds checked):

x: int128 = _abi_decode(slice(msg.data, 4, 32), int128)

however, the following example is not bounds checked

@external
def abi_decode(x: uint256) -> uint256:
    a: uint256 = convert(_abi_decode(slice(msg.data, 4, 32), (uint8)), uint256) + 1
    return a  # abi_decode(256) returns: 257

the issue can be triggered by constructing an example where the output of _abi_decode is not internally passed to make_setter (an internal codegen routine) or other input validating routine.

Patches

https://github.com/vyperlang/vyper/pull/3626

Workarounds

Is there a way for users to fix or remediate the vulnerability without upgrading?

References

Are there any links users can visit to find out more?

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "vyper"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.3.4"
            },
            {
              "fixed": "0.3.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-42460"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-682"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-09-26T19:34:53Z",
    "nvd_published_at": "2023-09-27T15:19:32Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n`_abi_decode()` does not validate input when it is nested in an expression. the following example gets correctly validated (bounds checked):\n```vyper\nx: int128 = _abi_decode(slice(msg.data, 4, 32), int128)\n```\n\nhowever, the following example is not bounds checked\n```vyper\n@external\ndef abi_decode(x: uint256) -\u003e uint256:\n    a: uint256 = convert(_abi_decode(slice(msg.data, 4, 32), (uint8)), uint256) + 1\n    return a  # abi_decode(256) returns: 257\n```\n\nthe issue can be triggered by constructing an example where the output of `_abi_decode` is not internally passed to `make_setter` (an internal codegen routine) or other input validating routine.\n\n### Patches\nhttps://github.com/vyperlang/vyper/pull/3626\n\n### Workarounds\n_Is there a way for users to fix or remediate the vulnerability without upgrading?_\n\n### References\n_Are there any links users can visit to find out more?_\n",
  "id": "GHSA-cx2q-hfxr-rj97",
  "modified": "2024-11-19T17:23:02Z",
  "published": "2023-09-26T19:34:53Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-cx2q-hfxr-rj97"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42460"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vyperlang/vyper/pull/3626"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/vyper/PYSEC-2023-191.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/vyperlang/vyper"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Vyper\u0027s `_abi_decode` input not validated in complex expressions"
}

GHSA-F6HC-9G49-XMX7

Vulnerability from github – Published: 2023-03-01 22:36 – Updated: 2024-05-20 21:48
VLAI
Summary
nistec has Incorrect Calculation in Multiplication of unreduced P-256 scalars
Details

Multiplication of certain unreduced P-256 scalars produce incorrect results. There are no protocols known at this time that can be attacked due to this.

From the fix commit notes:

Unlike the rest of nistec, the P-256 assembly doesn't use complete addition formulas, meaning that p256PointAdd[Affine]Asm won't return the correct value if the two inputs are equal.

This was (undocumentedly) ignored in the scalar multiplication loops because as long as the input point is not the identity and the scalar is lower than the order of the group, the addition inputs can't be the same.

As part of the math/big rewrite, we went however from always reducing the scalar to only checking its length, under the incorrect assumption that the scalar multiplication loop didn't require reduction.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "filippo.io/nistec"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-24533"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-682"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-03-01T22:36:36Z",
    "nvd_published_at": "2023-03-08T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Multiplication of certain unreduced P-256 scalars produce incorrect results. There are no protocols known at this time that can be attacked due to this.\n\nFrom the fix commit notes:\n\n\u003e Unlike the rest of nistec, the P-256 assembly doesn\u0027t use complete addition formulas, meaning that p256PointAdd[Affine]Asm won\u0027t return the correct value if the two inputs are equal.\n\u003e \n\u003e This was (undocumentedly) ignored in the scalar multiplication loops because as long as the input point is not the identity and the scalar is lower than the order of the group, the addition inputs can\u0027t be the same.\n\u003e \n\u003e As part of the math/big rewrite, we went however from always reducing the scalar to only checking its length, under the incorrect assumption that the scalar multiplication loop didn\u0027t require reduction.",
  "id": "GHSA-f6hc-9g49-xmx7",
  "modified": "2024-05-20T21:48:49Z",
  "published": "2023-03-01T22:36:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24533"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FiloSottile/nistec/commit/c58aa1223ccf3943513e1e661cebce95af137244"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/FiloSottile/nistec"
    },
    {
      "type": "WEB",
      "url": "https://go.dev/issue/58647"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2023-1595"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "nistec has Incorrect Calculation in Multiplication of unreduced P-256 scalars"
}

GHSA-FCMM-54JP-7VF6

Vulnerability from github – Published: 2023-03-21 22:31 – Updated: 2024-10-24 21:21
VLAI
Summary
Frontier's modexp precompile is slow for even modulus
Details

Impact

Frontier's modexp precompile uses num-bigint crate under the hood. In the implementation, the cases for modulus being even and modulus being odd are treated separately. Odd modulus uses the fast Montgomery multiplication, and even modulus uses the slow plain power algorithm. This gas cost discrepancy was not accounted for in the modexp precompile, leading to possible denial of service attacks.

Patches

No fixes for num-bigint is currently available, and thus this advisory will be first fixed in the short term by raising the gas costs for even modulus, and in the long term fixing it in num-bigint or switching to another modexp implementation.

The short-term fix for Frontier is deployed at PR 1017.

The recommendations are as follows:

  • If you anticipate malicious validators, it's recommended to issue an emergency runtime upgrade as soon as possible.
  • If you do not anticipate malicious validators, it's recommended to issue a normal runtime upgrade, as Substrate has builtin timeout protection when validators are building blocks.

Workarounds

None.

References

A similar issue was presented in Geth's implementation and the fix can be found here.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "pallet-evm-precompile-modexp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-28431"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-682"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-03-21T22:31:30Z",
    "nvd_published_at": "2023-03-22T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nFrontier\u0027s `modexp` precompile uses `num-bigint` crate under the hood. [In the implementation](https://github.com/rust-num/num-bigint/blob/6f2b8e0fc218dbd0f49bebb8db2d1a771fe6bafa/src/biguint/power.rs#L134), the cases for modulus being even and modulus being odd are treated separately. Odd modulus uses the fast Montgomery multiplication, and even modulus uses the slow plain power algorithm. This gas cost discrepancy was not accounted for in the `modexp` precompile, leading to possible denial of service attacks.\n\n### Patches\n\nNo fixes for `num-bigint` is currently available, and thus this advisory will be first fixed in the short term by raising the gas costs for even modulus, and in the long term fixing it in `num-bigint` or switching to another modexp implementation.\n\nThe short-term fix for Frontier is deployed at [PR 1017](https://github.com/paritytech/frontier/pull/1017).\n\nThe recommendations are as follows:\n\n- If you anticipate malicious validators, it\u0027s recommended to issue an emergency runtime upgrade as soon as possible.\n- If you do not anticipate malicious validators, it\u0027s recommended to issue a normal runtime upgrade, as Substrate has builtin timeout protection when validators are building blocks.\n\n### Workarounds\n\nNone.\n\n### References\n\nA similar issue was presented in Geth\u0027s implementation and the fix can be found [here](https://go-review.googlesource.com/c/go/+/420897).\n",
  "id": "GHSA-fcmm-54jp-7vf6",
  "modified": "2024-10-24T21:21:00Z",
  "published": "2023-03-21T22:31:30Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/paritytech/frontier/security/advisories/GHSA-fcmm-54jp-7vf6"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28431"
    },
    {
      "type": "WEB",
      "url": "https://github.com/paritytech/frontier/pull/1017"
    },
    {
      "type": "WEB",
      "url": "https://github.com/paritytech/frontier/commit/5af12e94d7dfc8a0208a290643a800f55de7b219"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/polkadot-evm/frontier"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rust-num/num-bigint/blob/6f2b8e0fc218dbd0f49bebb8db2d1a771fe6bafa/src/biguint/power.rs#L134"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Frontier\u0027s modexp precompile is slow for even modulus"
}

Mitigation
Implementation

Understand your programming language's underlying representation and how it interacts with numeric calculation. Pay close attention to byte size discrepancies, precision, signed/unsigned distinctions, truncation, conversion and casting between types, "not-a-number" calculations, and how your language handles numbers that are too large or too small for its underlying representation.

Mitigation MIT-8
Implementation

Strategy: Input Validation

Perform input validation on any numeric input by ensuring that it is within the expected range. Enforce that the input meets both the minimum and maximum requirements for the expected range.

Mitigation
Implementation

Use the appropriate type for the desired action. For example, in C/C++, only use unsigned types for values that could never be negative, such as height, width, or other numbers related to quantity.

Mitigation
Architecture and Design

Strategy: Language Selection

  • Use languages, libraries, or frameworks that make it easier to handle numbers without unexpected consequences.
  • Examples include safe integer handling packages such as SafeInt (C++) or IntegerLib (C or C++).
Mitigation
Architecture and Design

Strategy: Libraries or Frameworks

  • Use languages, libraries, or frameworks that make it easier to handle numbers without unexpected consequences.
  • Examples include safe integer handling packages such as SafeInt (C++) or IntegerLib (C or C++).
Mitigation MIT-26
Implementation

Strategy: Compilation or Build Hardening

Examine compiler warnings closely and eliminate problems with potential security implications, such as signed / unsigned mismatch in memory operations, or use of uninitialized variables. Even if the weakness is rarely exploitable, a single failure may lead to the compromise of the entire system.

CAPEC-128: Integer Attacks

An attacker takes advantage of the structure of integer variables to cause these variables to assume values that are not expected by an application. For example, adding one to the largest positive integer in a signed integer variable results in a negative number. Negative numbers may be illegal in an application and the application may prevent an attacker from providing them directly, but the application may not consider that adding two positive numbers can create a negative number do to the structure of integer storage formats.

CAPEC-129: Pointer Manipulation

This attack pattern involves an adversary manipulating a pointer within a target application resulting in the application accessing an unintended memory location. This can result in the crashing of the application or, for certain pointer values, access to data that would not normally be possible or the execution of arbitrary code. Since pointers are simply integer variables, Integer Attacks may often be used in Pointer Attacks.