Vulnerability Description
Vyper is a Pythonic programming language that targets the Ethereum Virtual Machine (EVM). Prior to version 0.3.10, the ecrecover precompile does not fill the output buffer if the signature does not verify. However, the ecrecover builtin will still return whatever is at memory location 0. This means that the if the compiler has been convinced to write to the 0 memory location with specially crafted data (generally, this can happen with a hashmap access or immutable read) just before the ecrecover, a signature check might pass on an invalid signature. Version 0.3.10 contains a patch for this issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vyperlang | Vyper | < 0.3.9 |
Related Weaknesses (CWE)
References
- https://github.com/vyperlang/vyper/commit/019a37ab98ff53f04fecfadf602b6cd5ac748fPatch
- https://github.com/vyperlang/vyper/security/advisories/GHSA-f5x6-7qgp-jhf3ExploitThird Party Advisory
- https://github.com/vyperlang/vyper/commit/019a37ab98ff53f04fecfadf602b6cd5ac748fPatch
- https://github.com/vyperlang/vyper/security/advisories/GHSA-f5x6-7qgp-jhf3ExploitThird Party Advisory
FAQ
What is CVE-2023-37902?
CVE-2023-37902 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Vyper is a Pythonic programming language that targets the Ethereum Virtual Machine (EVM). Prior to version 0.3.10, the ecrecover precompile does not fill the output buffer if the signature does not ve...
How severe is CVE-2023-37902?
CVE-2023-37902 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-37902?
Check the references section above for vendor advisories and patch information. Affected products include: Vyperlang Vyper.