PT-2024-24605 · Vyper · Vyper
Trocher · Published 2024-04-25 · Updated 2024-04-25 · CVE-2024-32481
CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Vyper versions 0.3.8 through 0.4.0b1
Description
The issue arises when looping over a range of the form range(start, start + N), where start is a signed integer and can be negative. This causes the execution to always revert due to an incorrect assertion inserted by the code generation of the range statement. The problem occurs because start is interpreted as an unsigned integer for comparison, and if it is negative, its 255th bit is set to 1, making it a very large unsigned integer and causing the assertion to fail. Any contract with a range(start, start + N) where start is a signed integer and can be negative is affected.
Recommendations
For versions 0.3.8 through 0.4.0b1, update to version 0.4.0b1 or later, which fixes the issue by disallowing the problematic form of range(). As a temporary workaround, consider avoiding the use of range(start, start + N) with negative start values in affected contracts until the issue is resolved.
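The signed/unsigned mismatch from the Description, modelled in Python as an added example (not code from this advisory or from the Vyper compiler). The guard shape start <= MAX - N and every function name are assumptions made for illustration; only the unsigned interpretation of start comes from the advisory.

```python
# Illustrative model of the comparison bug; not Vyper's actual code generation.
BITS = 256
MASK = (1 << BITS) - 1
INT256_MAX = (1 << (BITS - 1)) - 1
INT256_MIN = -(1 << (BITS - 1))


def to_word(value: int) -> int:
    """Encode a signed int256 as a 256-bit two's-complement word."""
    if not INT256_MIN <= value <= INT256_MAX:
        raise ValueError("value does not fit in int256")
    return value & MASK


def to_signed(word: int) -> int:
    """Decode a 256-bit word as signed: bit 255 is the sign bit."""
    return word - (1 << BITS) if word >> (BITS - 1) else word


def guard_unsigned(start: int, n: int) -> bool:
    """Assumed overflow guard, compared on raw words (the buggy behaviour)."""
    return to_word(start) <= to_word(INT256_MAX - n)


def guard_signed(start: int, n: int) -> bool:
    """The same guard compared as signed values (the intended behaviour)."""
    return to_signed(to_word(start)) <= to_signed(to_word(INT256_MAX - n))


def run_range(start: int, n: int, guard):
    """Return the values of range(start, start + n), or None to model a revert."""
    if not guard(start, n):
        return None
    return [start + i for i in range(n)]


if __name__ == "__main__":
    for start in (3, -2):  # constructed sample inputs
        print(start, run_range(start, 4, guard_unsigned),
              run_range(start, 4, guard_signed))
```

With a negative start the unsigned guard reverts even though the loop bounds are nowhere near overflowing, which is why every call path reaching such a loop becomes unusable.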
Affected Products
Vyper