PT-2025-26784 · Risc Zero+1

Daniel526 · Published 2025-06-24 · Updated 2025-06-25 · CVE-2025-52884

CVSS v4.0: 1.7 (Low)

Vector: AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
Name of the Vulnerable Software and Affected Versions: RISC Zero versions prior to 2.1.1 and 2.2.0
Description: The issue concerns the Steel.validateCommitment Solidity library function, which returns true for a crafted commitment with a digest value of zero. This violates the function's semantics, because such a commitment does not correspond to any block in the current chain. A correct zkVM guest using Steel will never produce this commitment. Leveraging this bug to compromise the soundness of a program using Steel would require a separate bug or misuse of the Steel library. The estimated number of potentially affected devices worldwide is not available.
Recommendations: For versions prior to 2.1.1 and 2.2.0, update to version 2.1.1 or 2.2.0 to resolve the issue. For users of the Steel Solidity library versions 2.1.0 or earlier, ensure that Steel.validateCommitment is used in tandem with zkVM proof verification of a Steel program. Users not verifying a zkVM proof of a Steel program should update their application to do so, as this is the correct usage of Steel.

Related Identifiers

CVE-2025-52884
GHSA-GJV3-89HH-9XQ2

Affected Products

Risc Zero
Steel