CVSS: 5.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

Frontier is Substrate's Ethereum compatibility layer. In affected versions, the truncation performed when converting between the EVM balance type and the Substrate balance type was implemented incorrectly. This can lead to a discrepancy between the apparent EVM transfer value and the actual Substrate value transferred. It is recommended that an emergency upgrade be planned and EVM execution be temporarily paused in the meantime. The issue is patched in Frontier master branch commit fed5e0a9577c10bea021721e8c2c5c378e16bf66 and polkadot-v0.9.22 branch commit e3e427fa2e5d1200a784679f8015d4774cedc934.

https://github.com/paritytech/frontier/commit/e3e427fa2e5d1200a784679f8015d4774cedc934
https://github.com/paritytech/frontier/commit/fed5e0a9577c10bea021721e8c2c5c378e16bf66
https://github.com/paritytech/frontier/pull/753
https://github.com/paritytech/frontier/security/advisories/GHSA-hc8w-mx86-9fcj

CWE-670: Always-Incorrect Control Flow Implementation

CVSS: 6.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

Frontier is Substrate's Ethereum compatibility layer. Prior to commit number `8a93fdc6c9f4eb1d2f2a11b7ff1d12d70bf5a664`, a bug in Frontier's MODEXP precompile implementation can cause an integer underflow under certain conditions. This will cause a node crash for debug builds. For release builds (and production WebAssembly binaries), the impact is limited, as it can only cause a normal EVM out-of-gas. Users who do not use the MODEXP precompile in their runtime are not impacted.

https://github.com/paritytech/frontier/commit/8a93fdc6c9f4eb1d2f2a11b7ff1d12d70bf5a664
https://github.com/paritytech/frontier/pull/549
https://github.com/paritytech/frontier/security/advisories/GHSA-cjg2-2fjg-fph4

CWE-191: Integer Underflow (Wrap or Wraparound)

CVSS: 5.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

Frontier is Substrate's Ethereum compatibility layer. In the newly introduced signed Frontier-specific extrinsic for `pallet-ethereum`, a large part of the transaction validation logic was only called in transaction pool validation, but not in block execution. Malicious validators can take advantage of this to put invalid transactions into a block. The attack is limited in that the signature is always validated, and the majority of the validation is done again in the subsequent `pallet-evm` execution logic. However, note that a chain ID replay attack was possible.

https://github.com/paritytech/frontier/commit/146bb48849e5393004be5c88beefe76fdf009aba
https://github.com/paritytech/frontier/pull/497
https://github.com/paritytech/frontier/security/advisories/GHSA-vj62-g63v-f8mf

CWE-20: Improper Input Validation

CVSS: 5.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

Frontier is Substrate's Ethereum compatibility layer. Prior to commit number 0b962f218f0cdd796dadfe26c3f09e68f7861b26, a bug in `pallet-ethereum` can cause invalid transactions to be included in the Ethereum block state in `pallet-ethereum` due to not validating the input data size. Any invalid transactions included this way have no possibility to alter the internal Ethereum or Substrate state. The transaction will appear to have been included, but has no effect, as it is rejected by the EVM engine. The impact is further limited by Substrate extrinsic size constraints.

https://github.com/paritytech/frontier/commit/0b962f218f0cdd796dadfe26c3f09e68f7861b26
https://github.com/paritytech/frontier/pull/465
https://github.com/paritytech/frontier/pull/465/commits/8a2b890a2fb477d5fedd0e4335b00623832849ae
https://github.com/paritytech/frontier/security/advisories/GHSA-hw4v-5x4h-c3xm

CWE-20: Improper Input Validation
CWE-1284: Improper Validation of Specified Quantity in Input

CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

An issue was discovered in the libsecp256k1 crate before 0.5.0 for Rust. It can verify an invalid signature because it allows the R or S parameter to be larger than the curve order, aka an overflow.

https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/libsecp256k1/RUSTSEC-2021-0076.md
https://rustsec.org/advisories/RUSTSEC-2021-0076.html

CWE-347: Improper Verification of Cryptographic Signature