Vulnerability Description
gnark is a zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.9.0, for some in-circuit values, it is possible to construct two valid decomposition to bits. In addition to the canonical decomposition of `a`, for small values there exists a second decomposition for `a+r` (where `r` is the modulus the values are being reduced by). The second decomposition was possible due to overflowing the field where the values are defined. Upgrading to version 0.9.0 should fix the issue without needing to change the calls to value comparison methods.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Consensys | Gnark | < 0.9.0 |
Related Weaknesses (CWE)
References
- https://github.com/Consensys/gnark/commit/59a4087261a6c73f13e80d695c17b398c3d093Patch
- https://github.com/Consensys/gnark/security/advisories/GHSA-498w-5j49-vqjgMitigationPatchThird Party Advisory
- https://github.com/zkopru-network/zkopru/issues/116Not Applicable
- https://github.com/Consensys/gnark/commit/59a4087261a6c73f13e80d695c17b398c3d093Patch
- https://github.com/Consensys/gnark/security/advisories/GHSA-498w-5j49-vqjgMitigationPatchThird Party Advisory
- https://github.com/zkopru-network/zkopru/issues/116Not Applicable
FAQ
What is CVE-2023-44378?
CVE-2023-44378 is a vulnerability with a CVSS score of 7.1 (HIGH). gnark is a zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.9.0, for some in-circuit values, it is possible to construct two valid decomposition to bits. In additio...
How severe is CVE-2023-44378?
CVE-2023-44378 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-44378?
Check the references section above for vendor advisories and patch information. Affected products include: Consensys Gnark.