Description

Frontier is Substrate's Ethereum compatibility layer. In the newly introduced signed Frontier-specific extrinsic for `pallet-ethereum`, a large part of transaction validation logic was only called in transaction pool validation, but not in block execution. Malicious validators can take advantage of this to put invalid transactions into a block. The attack is limited in that the signature is always validated, and the majority of the validation is done again in the subsequent `pallet-evm` execution logic. However, do note that a chain ID replay attack was possible. In addition, spamming attacks are of main concerns, while they are limited by Substrate block size limits and other factors. The issue is patched in commit `146bb48849e5393004be5c88beefe76fdf009aba`.

Related CPE's

a

parity

frontier

Vulnerable

References

https://github.com/paritytech/frontier/commit/146bb48849e5393004be5c88beefe76fdf009aba

PatchThird Party Advisory

https://github.com/paritytech/frontier/pull/497

PatchThird Party Advisory

https://github.com/paritytech/frontier/security/advisories/GHSA-vj62-g63v-f8mf

PatchThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-20

[email protected]

Secondary
CWE-20

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

5.3 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-10-13T16:15:07.847

3 years ago

Last modified

2021-10-20T16:45:01.823

3 years ago