CVE-2021-41135 - OpenCVE

Vendors	Products
Interchain	Cosmos Sdk

Link	Resource
https://forum.cosmos.network/t/cosmos-sdk-vulnerability-retrospective-security-advisory-jackfruit-october-12-2021/5349	Exploit Vendor Advisory
https://github.com/cosmos/cosmos-sdk/commit/68ab790a761e80d3674f821794cf18ccbfed45ee	Patch Third Party Advisory
https://github.com/cosmos/cosmos-sdk/security/advisories/GHSA-2p6r-37p9-89p2	Third Party Advisory

{"containers": {"cna": {"affected": [{"product": "cosmos-sdk", "vendor": "cosmos", "versions": [{"status": "affected", "version": ">= 0.43.0, < 0.44.2"}]}], "descriptions": [{"lang": "en", "value": "The Cosmos-SDK is a framework for building blockchain applications in Golang. Affected versions of the SDK were vulnerable to a consensus halt due to non-deterministic behaviour in a ValidateBasic method in the x/authz module. The MsgGrant of the x/authz module contains a Grant field which includes a user-defined expiration time for when the authorization grant expires. In Grant.ValidateBasic(), that time is compared to the node\u2019s local clock time. Any chain running an affected version of the SDK with the authz module enabled could be halted by anyone with the ability to send transactions on that chain. Recovery would require applying the patch and rolling back the latest block. Users are advised to update to version 0.44.2."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-754", "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-10-20T18:05:10", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/cosmos/cosmos-sdk/security/advisories/GHSA-2p6r-37p9-89p2"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/cosmos/cosmos-sdk/commit/68ab790a761e80d3674f821794cf18ccbfed45ee"}, {"tags": ["x_refsource_MISC"], "url": "https://forum.cosmos.network/t/cosmos-sdk-vulnerability-retrospective-security-advisory-jackfruit-october-12-2021/5349"}], "source": {"advisory": "GHSA-2p6r-37p9-89p2", "discovery": "UNKNOWN"}, "title": "Authz Module Non-Determinism", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-41135", "STATE": "PUBLIC", "TITLE": "Authz Module Non-Determinism"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "cosmos-sdk", "version": {"version_data": [{"version_value": ">= 0.43.0, < 0.44.2"}]}}]}, "vendor_name": "cosmos"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Cosmos-SDK is a framework for building blockchain applications in Golang. Affected versions of the SDK were vulnerable to a consensus halt due to non-deterministic behaviour in a ValidateBasic method in the x/authz module. The MsgGrant of the x/authz module contains a Grant field which includes a user-defined expiration time for when the authorization grant expires. In Grant.ValidateBasic(), that time is compared to the node\u2019s local clock time. Any chain running an affected version of the SDK with the authz module enabled could be halted by anyone with the ability to send transactions on that chain. Recovery would require applying the patch and rolling back the latest block. Users are advised to update to version 0.44.2."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"}]}]}, "references": {"reference_data": [{"name": "https://github.com/cosmos/cosmos-sdk/security/advisories/GHSA-2p6r-37p9-89p2", "refsource": "CONFIRM", "url": "https://github.com/cosmos/cosmos-sdk/security/advisories/GHSA-2p6r-37p9-89p2"}, {"name": "https://github.com/cosmos/cosmos-sdk/commit/68ab790a761e80d3674f821794cf18ccbfed45ee", "refsource": "MISC", "url": "https://github.com/cosmos/cosmos-sdk/commit/68ab790a761e80d3674f821794cf18ccbfed45ee"}, {"name": "https://forum.cosmos.network/t/cosmos-sdk-vulnerability-retrospective-security-advisory-jackfruit-october-12-2021/5349", "refsource": "MISC", "url": "https://forum.cosmos.network/t/cosmos-sdk-vulnerability-retrospective-security-advisory-jackfruit-october-12-2021/5349"}]}, "source": {"advisory": "GHSA-2p6r-37p9-89p2", "discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-41135", "datePublished": "2021-10-20T18:05:10", "dateReserved": "2021-09-15T00:00:00", "dateUpdated": "2021-10-20T18:05:10", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:interchain:cosmos_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F574CC28-3488-4477-91CB-B934EA767B87", "versionEndExcluding": "0.44.2", "versionStartIncluding": "0.43.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Cosmos-SDK is a framework for building blockchain applications in Golang. Affected versions of the SDK were vulnerable to a consensus halt due to non-deterministic behaviour in a ValidateBasic method in the x/authz module. The MsgGrant of the x/authz module contains a Grant field which includes a user-defined expiration time for when the authorization grant expires. In Grant.ValidateBasic(), that time is compared to the node\u2019s local clock time. Any chain running an affected version of the SDK with the authz module enabled could be halted by anyone with the ability to send transactions on that chain. Recovery would require applying the patch and rolling back the latest block. Users are advised to update to version 0.44.2."}, {"lang": "es", "value": "Cosmos-SDK es un marco de trabajo para construir aplicaciones blockchain en Golang. Las versiones afectadas del SDK eran vulnerables a una interrupci\u00f3n del consenso debido a un comportamiento no determinista en un m\u00e9todo ValidateBasic del m\u00f3dulo x/authz. El MsgGrant del m\u00f3dulo x/authz contiene un campo Grant que incluye un tiempo de expiraci\u00f3n definido por el usuario para cuando la concesi\u00f3n de autorizaci\u00f3n expira. En Grant.ValidateBasic(), esa hora se compara con la hora del reloj local del nodo. Cualquier cadena que ejecute una versi\u00f3n afectada del SDK con el m\u00f3dulo authz habilitado podr\u00eda ser detenida por cualquier persona con la capacidad de enviar transacciones en esa cadena. Una recuperaci\u00f3n requerir\u00eda aplicar el parche y hacer retroceder el \u00faltimo bloque. Se recomienda usuarios actualizar a la versi\u00f3n 0.44.2"}], "id": "CVE-2021-41135", "lastModified": "2023-11-07T03:38:51.017", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Primary"}]}, "published": "2021-10-20T18:15:07.807", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://forum.cosmos.network/t/cosmos-sdk-vulnerability-retrospective-security-advisory-jackfruit-october-12-2021/5349"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/cosmos/cosmos-sdk/commit/68ab790a761e80d3674f821794cf18ccbfed45ee"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/cosmos/cosmos-sdk/security/advisories/GHSA-2p6r-37p9-89p2"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "security-advisories@github.com", "type": "Primary"}]}

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

JSON object

JSON object

JSON object