CVE-2021-21271

Denial of service in TenderMint Core

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Tendermint Core is an open source Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. Tendermint Core v0.34.0 introduced a new way of handling evidence of misbehavior. As part of this, we added a new Timestamp field to Evidence structs. This timestamp would be calculated using the same algorithm that is used when a block is created and proposed. (This algorithm relies on the timestamp of the last commit from this specific block.) In Tendermint Core v0.34.0-v0.34.2, the consensus reactor is responsible for forming DuplicateVoteEvidence whenever double signs are observed. However, the current block is still “in flight” when it is being formed by the consensus reactor. It hasn’t been finalized through network consensus yet. This means that different nodes in the network may observe different “last commits” when assigning a timestamp to DuplicateVoteEvidence. In turn, different nodes could form DuplicateVoteEvidence objects at the same height but with different timestamps. One DuplicateVoteEvidence object (with one timestamp) will then eventually get finalized in the block, but this means that any DuplicateVoteEvidence with a different timestamp is considered invalid. Any node that formed invalid DuplicateVoteEvidence will continue to propose invalid evidence; its peers may see this, and choose to disconnect from this node. This bug means that double signs are DoS vectors in Tendermint Core v0.34.0-v0.34.2. Tendermint Core v0.34.3 is a security release which fixes this bug. As of v0.34.3, DuplicateVoteEvidence is no longer formed by the consensus reactor; rather, the consensus reactor passes the Votes themselves into the EvidencePool, which is now responsible for forming DuplicateVoteEvidence. The EvidencePool has timestamp info that should be consistent across the network, which means that DuplicateVoteEvidence formed in this reactor should have consistent timestamps. This release changes the API between the consensus and evidence reactors.

Tendermint Core es un middleware Byzantine Fault Tolerant (BFT) de código abierto que toma una máquina de transición de estado, escrita en cualquier lenguaje de programación, y la replica de forma segura en muchas máquinas. Tendermint Core versión v0.34.0 introdujo una nueva forma de manejar la evidencia de mal comportamiento. Como parte de esto, agregamos un nuevo campo Timestamp a las estructuras Evidence. Esta marca de tiempo se calcularía usando el mismo algoritmo que se utiliza cuando un bloque sea creado y propuesto. (Este algoritmo se basa en la marca de tiempo del último commit de este bloque específico). En Tendermint Core versiones v0.34.0-v0.34.2, el reactor de consenso es responsable de formar un DuplicateVoteEvidence siempre que se observen signos dobles. Sin embargo, el bloque actual todavía está "in flight" cuando lo está formando el reactor de consenso. Aún no se ha finalizado mediante el consenso de la red. Esto significa que diferentes nodos en la red pueden observar diferentes "last commits" al asignar una marca de tiempo a DuplicateVoteEvidence. A su vez, diferentes nodos podrían formar objetos DuplicateVoteEvidence a la misma altura pero con diferentes marcas de tiempo. Un objeto DuplicateVoteEvidence (con una marca de tiempo) finalmente se finalizará en el bloque, pero esto significa que cualquier DuplicateVoteEvidence con una marca de tiempo diferente se considera inválido. Cualquier nodo que formó un DuplicateVoteEvidence inválido continuará proponiendo evidencia inválida; sus peers pueden visualizar esto y optar por desconectarse de este nodo. Este error significa que los signos dobles son vectores de DoS en Tendermint Core versiones v0.34.0-v0.34.2. Tendermint Core versión v0.34.3 es una versión de seguridad que corrige este error. A partir de la versión 0.34.3, DuplicateVoteEvidence ya no está formado por el reactor de consenso; más bien, el reactor de consenso pasa los Votos mismos al EvidencePool, que ahora es responsable de formar un DuplicateVoteEvidence. EvidencePool posee información de marca de tiempo que debe ser consistente en toda la red, lo que significa que un DuplicateVoteEvidence formado en este reactor debe tener marcas de tiempo consistentes. Esta versión cambia la API entre los reactores de consenso y evidencia

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-12-22 CVE Reserved
2021-01-26 CVE Published
2023-03-08 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption

CAPEC

References (3)

URL	Tag	Source
https://github.com/tendermint/tendermint/blob/v0.34.3/CHANGELOG.md#v0.34.3	Release Notes
https://github.com/tendermint/tendermint/security/advisories/GHSA-p658-8693-mhvg	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://github.com/tendermint/tendermint/commit/a2a6852ab99e4a0f9e79f0ea8c1726e262e25c76	2021-02-08

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Tendermint Search vendor "Tendermint"		Tendermint Search vendor "Tendermint" for product "Tendermint"				>= 0.34.0 <= 0.34.2 Search vendor "Tendermint" for product "Tendermint" and version " >= 0.34.0 <= 0.34.2"		-		Affected