CVE-2023-42443: Vyper vulnerable to memory corruption in certain builtins utilizing `msize`
(updated )
In certain conditions, the memory used by the builtins raw_call, create_from_blueprint and create_copy_of can be corrupted.
- For
raw_call, the argument buffer of the call can be corrupted, leading to incorrectcalldatain the sub-context. - For
create_from_blueprintandcreate_copy_of, the buffer for the to-be-deployed bytecode can be corrupted, leading to deploying incorrect bytecode.
Below are the conditions that must be fulfilled for the corruption to happen for each builtin:
References
- github.com/advisories/GHSA-c647-pxm2-c52w
- github.com/pypa/advisory-database/tree/main/vulns/vyper/PYSEC-2023-306.yaml
- github.com/vyperlang/vyper
- github.com/vyperlang/vyper/commit/79303fc4fcba06994ee5c6a7baef57bdb185006c
- github.com/vyperlang/vyper/issues/3609
- github.com/vyperlang/vyper/pull/3610
- github.com/vyperlang/vyper/security/advisories/GHSA-c647-pxm2-c52w
- nvd.nist.gov/vuln/detail/CVE-2023-42443
Code Behaviors & Features
Detect and mitigate CVE-2023-42443 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →