CVE-2021-31616

Name of the Vulnerable Software and Affected Versions ShapeShift KeepKey hardware wallet firmware versions prior to 7.1.0

Description The issue is related to insufficient length checks in the firmware, allowing a stack buffer overflow via crafted messages. This overflow occurs in the ethereum extractThorchainSwapData() function in ethereum.c and can circumvent stack protections, leading to code execution. The vulnerable interface is reachable remotely over WebUSB.

Recommendations For versions prior to 7.1.0, update the firmware to version 7.1.0 or later to resolve the issue. As a temporary workaround, consider disabling the ethereum extractThorchainSwapData() function until a patch is available. Restrict access to the WebUSB interface to minimize the risk of exploitation.