logo

Advisories

Weaknesses

Fixes

Requirements

Compliance

CVE-2025-24800 grandpa-verifier

Package

Manager: cargo
Name: grandpa-verifier
Vulnerable Version: >=0 <0.1.2

Severity

Level: Critical

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00024 pctl0.04734

Details

ismp-grandpa crate accepted incorrect signatures A critical vulnerability was discovered in the `ismp-grandpa` crate, that allowed a malicious prover easily convince the verifier of the finality of arbitrary headers. ### Description The vulnerability manifests as a verifer that only accepts incorrect signatures of Grandpa precommits and was introduced in this [specific commit](https://github.com/polytope-labs/ismp-substrate/pull/64/commits/5ca3351a19151f1a439c30d5cbdbfdc72a11f1a8#diff-3835cc24fb2011b3e8246036059acd8c2c2a9a869eedf7a210d18edb6543318dL262). Perhaps due to unfamiliarity with core substrate APIs. The `if` statement should have included a negation check, similar to the previous code, but this was omitted. Causing the verifier to **only** accept invalid signatures. This vulnerability remained undetected even with [integration tests](https://github.com/polytope-labs/ismp-substrate/pull/64/commits/04d5be207b082eb61d586d52e1685e2e060347e6#diff-4aedbca82d26bebc03f274e23fd5697c3346ffff54405c87af9018f3aef708b2R1-R160), as the prover was also [misconfigured](https://github.com/polytope-labs/ismp-substrate/pull/64/commits/b26894913b301061b07db61af841ca2586415f08#diff-493a6129d75fe31185e28695a4d2adc1582fe9df12462e380fe994f170fc1e70L159) to initialize the Grandpa verifier with the incorrect authority `set_id`. This causes verification of honest precommit signatures to fail as the message is now malformed, but the verifier indeed only accepts signatures or messages that fail the verification check. But even more devastatingly, the verifier will also accept malicious GRANDPA signatures for any precommit message. This vulnerability has been fixed in this [commit](https://github.com/polytope-labs/hyperbridge/pull/372/commits/f0e85db718f5165b06585a49b14a66f8ad643aea) and a patch release has been published. ### Impact This could be used to steal funds or compromise other kinds of cross-chain applications. ### Patches This vulnerability has been fixed in the latest version of `ismp-granpda` `v15.0.1` ### Recommendations Users who rely on the compromised versions must upgrade immediately, as all vulnerable versions of the crate has been yanked.

Metadata

Created: 2025-01-28T17:29:17Z
Modified: 2025-01-28T20:15:50Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/01/GHSA-wwx5-gpgr-vxr7/GHSA-wwx5-gpgr-vxr7.json
CWE IDs: ["CWE-347"]
Alternative ID: GHSA-wwx5-gpgr-vxr7
Finding: F163
Auto approve: 1