PT-2026-8036 · Unknown · Ton Virtual Machine
Published: 2026-02-13 · Updated: 2026-02-18
CVE-2025-70955
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
TON Virtual Machine versions prior to 2024.10
Description
A Stack Overflow issue exists in the TON Virtual Machine (TVM). The root cause is the improper handling of vmstate and continuation jump instructions, leading to continuous dynamic tail calls. An attacker can exploit this by creating a smart contract with deeply nested jump logic. This nested execution exhausts the host process's stack space, even within permissible gas limits, resulting in a Denial of Service (DoS) for the TON blockchain network.
Recommendations
Update to version 2024.10 or later.
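A generic model of the weakness class described above, added here as an illustration: it is not TVM source code, and the Vm struct, function names and limits are constructed for the example. It contrasts jump dispatch by native recursion, where host stack depth grows with the length of the jump chain while gas stays within its limit, with loop-based dispatch that keeps host depth constant.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdio>
#include <vector>

// Constructed toy model: continuation i tail-jumps to next[i]; -1 halts.
struct Vm {
    std::vector<int> next;
    std::size_t gas = 0;            // one unit per executed continuation
    std::size_t host_depth = 0;     // native frames currently in use
    std::size_t max_host_depth = 0; // high-water mark of native frames
};

// Linear chain of n >= 1 continuations: 0 -> 1 -> ... -> n-1 -> halt.
Vm make_chain(std::size_t n) {
    Vm vm;
    vm.next.resize(n);
    for (std::size_t i = 0; i < n; ++i)
        vm.next[i] = (i + 1 < n) ? static_cast<int>(i + 1) : -1;
    return vm;
}

// Weak pattern: every jump is a native call, so gas alone does not bound stack
// use. depth_limit stands in for the point where a real host stack would overflow.
bool run_recursive(Vm& vm, int c, std::size_t gas_limit, std::size_t depth_limit) {
    if (c < 0) return true;
    if (++vm.gas > gas_limit) return false;
    if (vm.host_depth >= depth_limit) return false; // unguarded code crashes here
    vm.max_host_depth = std::max(vm.max_host_depth, ++vm.host_depth);
    bool ok = run_recursive(vm, vm.next[c], gas_limit, depth_limit);
    --vm.host_depth;
    return ok;
}

// Hardened pattern: a dispatch loop runs each jump in the same native frame,
// so only the gas limit bounds execution.
bool run_loop(Vm& vm, int c, std::size_t gas_limit) {
    vm.max_host_depth = std::max<std::size_t>(vm.max_host_depth, 1);
    for (; c >= 0; c = vm.next[c])
        if (++vm.gas > gas_limit) return false;
    return true;
}

int main() {
    Vm a = make_chain(100000), b = make_chain(100000);
    bool ra = run_recursive(a, 0, 1000000, 1000), rb = run_loop(b, 0, 1000000);
    std::printf("recursive: ok=%d depth=%zu gas=%zu\n", ra, a.max_host_depth, a.gas);
    std::printf("loop:      ok=%d depth=%zu gas=%zu\n", rb, b.max_host_depth, b.gas);
}
```

In the recursive run the depth guard trips long before the gas limit is reached, which is the condition the description refers to as stack exhaustion within permissible gas limits.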
Fix
DoS
Uncontrolled Recursion
Affected Products
Ton Virtual Machine