PT-2023-21717 · Frontier+2 · Frontier+2
Guidovranken
·
Published
2023-03-21
·
Updated
2023-03-28
·
CVE-2023-28431
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Frontier versions prior to the deployment of pull request 1017
Description
The issue arises from the
modexp precompile in Frontier, which uses the num-bigint crate. The implementation treats odd and even moduli differently, with odd moduli using fast Montgomery multiplication and even moduli using the slow plain power algorithm. This discrepancy in gas costs was not accounted for, potentially leading to denial of service attacks. There are no known instances of this issue being exploited in real-world attacks.Recommendations
- If you anticipate malicious validators, issue an emergency runtime upgrade as soon as possible.
- If you do not anticipate malicious validators, issue a normal runtime upgrade, as Substrate has built-in timeout protection when validators are building blocks.
- Consider raising the gas costs for even modulus as a short-term fix until a long-term solution is implemented in
num-bigintor by switching to another modexp implementation.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Frontier
Substrate
Num-Bigint