MEDIUM🇬🇧 English

CVE-2022-21685

CVSS 6.5v3.1pub. 2022-01-14upd. 2024-11-21

Frontier is Substrate's Ethereum compatibility layer. Prior to commit number `8a93fdc6c9f4eb1d2f2a11b7ff1d12d70bf5a664`, a bug in Frontier's MODEXP precompile implementation can cause an integer underflow in certain conditions. This will cause a node crash for debug builds. For release builds (and production WebAssembly binaries), the impact is limited as it can only cause a normal EVM out-of-gas. Users who do not use MODEXP precompile in their runtime are not impacted. A patch is available in pull request #549.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • Parity Frontier

    APP
    Parity
    ≤ 2022-01-13
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-45130HIGH7.5ten sam produkt

Frontier is Substrate's Ethereum compatibility layer. Prior to commit aea528198b3b226e0d20cce878551fd4c0e3d5d0...

CVE-2023-28431HIGH7.5ten sam produkt

Frontier is an Ethereum compatibility layer for Substrate. Frontier's `modexp` precompile uses `num-bigint` cr...

CVE-2022-36008HIGH7.1ten sam produkt

Frontier is Substrate's Ethereum compatibility layer. A security issue was discovered affecting parsing of the...

CVE-2022-39242MEDIUM5.3ten sam produkt

Frontier is an Ethereum compatibility layer for Substrate. Prior to commit d3beddc6911a559a3ecc9b3f08e153dbe37...

CVE-2022-31111MEDIUM5.3ten sam produkt

Frontier is Substrate's Ethereum compatibility layer. In affected versions the truncation done when converting...