CVE-2023-34458 – github.com/multiversx/mx-chain-go

Package

Manager: go
Name: github.com/multiversx/mx-chain-go
Vulnerable Version: >=0 <1.4.17

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N

EPSS: 0.02176 pctl0.83706

Details

mx-chain-go's relayed transactions always increment nonce ### Impact When executing a relayed transaction, if the inner transaction failed, it would have increased the inner transaction's sender account nonce. This could have contributed to a limited DoS attack on a targeted account. The fix is a breaking change so a new flag `RelayedNonceFixEnableEpoch` was needed. This was a strict processing issue while validating blocks on a chain. ### Patches v1.4.17 and later versions contain the fix for this issue ### Workarounds there were no workarounds for this issue. The affected account could only wait for the DoS attack to finish as the attack was not free or to attempt to send transactions in a very fast manner so as to compete on the same nonce with the attacker. ### References For the future understanding of this issue, on v1.4.17 and onwards versions, we have this integration test that addresses the issue and tests the fix. https://github.com/multiversx/mx-chain-go/blob/babdb144f1316ab6176bf3dbd7d4621120414d43/integrationTests/vm/txsFee/relayedMoveBalance_test.go#LL165C14-L165C14

Metadata

Created: 2023-07-13T17:02:12Z
Modified: 2023-07-14T13:28:34Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/07/GHSA-j494-7x2v-vvvp/GHSA-j494-7x2v-vvvp.json
CWE IDs: ["CWE-400"]
Alternative ID: GHSA-j494-7x2v-vvvp
Finding: F002
Auto approve: 1