GHSA-2gw2-qgjg-xh6p – namada-apps
Package
Manager: cargo
Name: namada-apps
Vulnerable Version: =1.0.0 || >=1.0.0 <1.1.0
Severity
Level: Critical
CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:U/RC:C
CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
EPSS: N/A (percentile: N/A)
Details
Namada-apps allows Post-Genesis Validator Bypass

### Impact

Ledger crash. A user is able to initialize a post-genesis validator with a negative commission rate using the `--force` flag. If this validator gets into the consensus set, then when computing PoS inflation inside `fn update_rewards_products_and_mint_inflation`, an instance of `mul_floor` returns an `Err`, which causes `finalize_block` to error.

### Patches

This issue has been patched in apps version 1.1.0. The PoS validity predicate now enforces that the commission rate is not negative, and any transaction that fails the check is rejected, both for newly initialized validators and for commission rate changes of an existing validator.

### Workarounds

There are no workarounds and users are advised to upgrade.
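An added model of the failure and the fix described above (illustrative code, not Namada's own): a client-side check that `--force` can skip is not enforcement, a negative rate reaching the ledger makes the `mul_floor` stand-in return `Err` at reward time, and the patched validity-predicate check rejects the transaction before that point. `Dec`, `PosError` and the function names are assumptions for this example.

```rust
// Added illustration (not Namada's code): a minimal model of the PoS
// commission-rate check, showing why a client-side check that `--force`
// can skip is not enforcement, and where the ledger must reject instead.

/// Signed fixed-point decimal with six fractional digits; a hypothetical
/// stand-in for the ledger's decimal type.
#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub struct Dec(pub i128);

impl Dec {
    pub const SCALE: i128 = 1_000_000;
    /// Build a rate from micro-units, e.g. `Dec::micro(50_000)` is 0.05.
    pub fn micro(units: i128) -> Self { Dec(units) }
}

#[derive(Debug, PartialEq, Eq)]
pub enum PosError { NegativeCommission, NegativeAmount }

/// Stand-in for `mul_floor`: product of an unsigned amount and a rate, floored.
/// A negative rate makes the product negative, so it returns `Err`; in the
/// advisory this error propagated out of reward computation and made
/// `finalize_block` fail.
pub fn mul_floor(amount: u64, rate: Dec) -> Result<u64, PosError> {
    let product = amount as i128 * rate.0;
    if product < 0 { return Err(PosError::NegativeAmount); }
    Ok((product / Dec::SCALE) as u64)
}

/// Client-side check as the unpatched flow behaved: `force` skips it, so a
/// negative rate can reach the ledger.
pub fn client_accepts(rate: Dec, force: bool) -> bool {
    force || rate.0 >= 0
}

/// The check the patched validity predicate applies to validator
/// initialisation and to commission-rate changes alike; there is no bypass.
pub fn vp_validate_commission(rate: Dec) -> Result<(), PosError> {
    if rate.0 < 0 { Err(PosError::NegativeCommission) } else { Ok(()) }
}

/// Reward split for one validator, as it runs at block finalisation.
/// With the VP check in place a negative rate never gets here.
pub fn split_rewards(total: u64, rate: Dec) -> Result<(u64, u64), PosError> {
    let commission = mul_floor(total, rate)?;
    let to_delegators = total.checked_sub(commission).ok_or(PosError::NegativeAmount)?;
    Ok((commission, to_delegators))
}
```

The lesson for any validator-set change: every invariant the client enforces must also be enforced by the state-transition rules, because a client flag or a modified client can skip the former.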
Metadata
Created: 2025-02-20T20:24:19Z
Modified: 2025-02-20T20:24:19Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/02/GHSA-2gw2-qgjg-xh6p/GHSA-2gw2-qgjg-xh6p.json
CWE IDs: ["CWE-248"]
Alternative ID: N/A
Finding: F140
Auto approve: 1