PT-2024-40198 · Sp1 · Sp1

Published: 2024-11-08 · Updated: 2024-11-08

CVSS v4.0: 1.7 (Low)

Vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
Name of the Vulnerable Software and Affected Versions: SP1 versions prior to 3.0.0
Description: The issue arises during proof generation, where the prover must observe all values sent to the verifier to generate valid Fiat-Shamir challenges. In versions prior to 3.0.0, the cumulative sum of the permutation argument was not observed when sampling zeta, a random challenge. This made the issue theoretically exploitable, although exploitation would require a significant amount of computation and knowledge of cryptographic attacks. The issue was discovered during an audit and was fixed in version 3.0.0 by observing the cumulative sum into the challenger.
Recommendations: For versions prior to 3.0.0, update to version 3.0.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the permutation argument until a patch is available.
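
The transcript-binding property in the description can be checked mechanically. The sketch below is an added example, not SP1's code: it builds a toy hash-based challenger and a regression check that reports any prover message whose value does not influence the sampled challenge. The `Challenger` class, the message names `main_commit` and `permutation_commit`, the modulus and the sample values are all assumptions made for illustration.

```python
import hashlib

P = 2013265921  # illustrative prime modulus (assumption, not taken from the advisory)

class Challenger:
    """Toy hash-based Fiat-Shamir transcript (hypothetical, not SP1's challenger)."""
    def __init__(self, label: bytes):
        self._h = hashlib.sha256(label)

    def observe(self, name: str, value: int) -> None:
        # Length-prefix the name so distinct messages cannot collide by concatenation.
        data = name.encode()
        self._h.update(len(data).to_bytes(2, "big") + data + value.to_bytes(32, "big"))

    def sample(self) -> int:
        # Derive a field element from everything observed so far.
        return int.from_bytes(self._h.copy().digest(), "big") % P

def sample_zeta_unbound(msgs: dict) -> int:
    """Pre-fix pattern from the description: cumulative_sum is never observed."""
    ch = Challenger(b"toy-transcript")
    for name in ("main_commit", "permutation_commit"):
        ch.observe(name, msgs[name])
    return ch.sample()

def sample_zeta_bound(msgs: dict) -> int:
    """Fixed pattern: every value sent to the verifier is observed before sampling."""
    ch = Challenger(b"toy-transcript")
    for name in ("main_commit", "permutation_commit", "cumulative_sum"):
        ch.observe(name, msgs[name])
    return ch.sample()

def unbound_messages(sampler, msgs: dict) -> list:
    """Regression check: names whose mutation leaves the challenge unchanged."""
    baseline = sampler(msgs)
    loose = []
    for name in msgs:
        mutated = dict(msgs, **{name: (msgs[name] + 1) % P})
        if sampler(mutated) == baseline:
            loose.append(name)
    return loose

# Constructed sample transcript values (not real proof data).
SAMPLE = {"main_commit": 1111, "permutation_commit": 2222, "cumulative_sum": 3333}

if __name__ == "__main__":
    print("unbound before fix:", unbound_messages(sample_zeta_unbound, SAMPLE))
    print("unbound after fix: ", unbound_messages(sample_zeta_bound, SAMPLE))
```

A check of this shape belongs in a prover's test suite: any message listed by `unbound_messages` is sent to the verifier without being bound into the challenge.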

Related Identifiers: GHSA-8M24-3CFX-9FJW

Affected Products: Sp1