CVE-2025-58359 – frost-core
Package
Manager: cargo
Name: frost-core
Vulnerable Version: >=2.0.0 <2.2.0
Severity
Level: Medium
CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L/E:U/RL:O/RC:C
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS: 0.00027 (percentile 0.0586)
Details
frost-core: refresh shares with smaller min_signers will reduce security of group

### Impact

It was not clear that it is not possible to change `min_signers` (i.e. the threshold) with the refresh share functionality (`frost_core::keys::refresh` module). Using a smaller value would not decrease the threshold, and attempts to sign using a smaller threshold would fail. Additionally, after refreshing the shares with a smaller threshold, it would still be possible to sign with the original threshold; however, this could cause a security loss to the participants' shares. We have not determined the exact security implications of doing so and judged it simpler to just validate `min_signers`. If for some reason you have done a refresh share procedure with a smaller `min_signers`, we strongly recommend migrating to a new key.

### Patches

Updating to 2.2.0 will ensure that the `min_signers` parameter is validated. However, it won't restore the security of groups refreshed with a smaller `min_signers` parameter.

### Workarounds

You don't need to update if you don't use the refresh share functionality, or if you didn't try to change the `min_signers` parameter using the refresh share functionality.

### References

Thank you [BlockSec](https://blocksec.com/) for reporting the finding.
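The following is an added illustration in Rust, not frost-core's code: a toy Shamir-style model of share refresh in which refresh adds shares of a zero-constant polynomial. It shows the advisory's point that dealing the refresh with a smaller threshold (`t_refresh`) leaves the degree of the combined polynomial, and so the threshold actually required to reconstruct or sign, unchanged; `validate_refresh_threshold` is a hypothetical form of the check 2.2.0 adds. The field modulus and all coefficients are constructed values.

```rust
// Added example, not frost-core code: toy Shamir-style share refresh over GF(P).
const P: u64 = 2_147_483_647; // 2^31 - 1, prime; constructed field modulus

fn pow_mod(mut b: u64, mut e: u64) -> u64 {
    let mut r = 1;
    while e > 0 {
        if e & 1 == 1 { r = r * b % P; }
        b = b * b % P;
        e >>= 1;
    }
    r
}
fn inv(a: u64) -> u64 { pow_mod(a, P - 2) } // Fermat inverse, a != 0
/// Horner evaluation of coeffs[0] + coeffs[1]*x + ... mod P.
fn eval(coeffs: &[u64], x: u64) -> u64 {
    coeffs.iter().rev().fold(0, |acc, &c| (acc * x + c) % P)
}
/// Deal n shares of `secret` with threshold t (degree t-1 polynomial);
/// `rand` supplies the t-1 non-constant coefficients (constructed, not random).
fn share(secret: u64, t: usize, n: usize, rand: &[u64]) -> Vec<(u64, u64)> {
    let mut coeffs = vec![secret];
    coeffs.extend_from_slice(&rand[..t - 1]);
    (1..=n as u64).map(|x| (x, eval(&coeffs, x))).collect()
}
/// Refresh: add to each share a share of zero dealt with threshold t_refresh.
/// With t_refresh < t the sum polynomial still has degree t-1, so the
/// threshold actually needed to reconstruct (or sign) does not change.
fn refresh(shares: &[(u64, u64)], t_refresh: usize, rand: &[u64]) -> Vec<(u64, u64)> {
    let zero = share(0, t_refresh, shares.len(), rand);
    shares.iter().zip(zero).map(|(&(x, y), (_, z))| (x, (y + z) % P)).collect()
}
/// Lagrange interpolation at x = 0 over the given shares.
fn reconstruct(shares: &[(u64, u64)]) -> u64 {
    let mut s = 0;
    for (i, &(xi, yi)) in shares.iter().enumerate() {
        let (mut num, mut den) = (1, 1);
        for (j, &(xj, _)) in shares.iter().enumerate() {
            if i != j { num = num * xj % P; den = den * ((xj + P - xi) % P) % P; }
        }
        s = (s + yi * num % P * inv(den)) % P;
    }
    s
}
/// Hypothetical form of the check added in 2.2.0: a refresh must not change
/// min_signers; a smaller value is rejected rather than silently accepted.
fn validate_refresh_threshold(current: u16, requested: u16) -> Result<(), &'static str> {
    if requested != current { return Err("min_signers cannot be changed by refresh"); }
    Ok(())
}
```

With a 3-of-5 group refreshed using `t_refresh = 2`, two refreshed shares no longer recover the secret while three still do, matching the advisory's "signing with the smaller threshold fails, signing with the original threshold still works".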
Metadata
Created: 2025-09-03T21:29:18Z
Modified: 2025-09-05T16:11:20Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/09/GHSA-wgq8-vr6r-mqxm/GHSA-wgq8-vr6r-mqxm.json
CWE IDs: ["CWE-269", "CWE-325"]
Alternative ID: GHSA-wgq8-vr6r-mqxm
Finding: F159
Auto approve: 1