Hyperledger Besu up to 22.7.0 CALL unsigned conversion

CVSS Meta Temp Score: 7.6
CVSS is a standardized scoring system to determine possibilities of attacks. The Temp Score considers temporal factors like disclosure, exploit and countermeasures. The unique Meta Score calculates the average score of different sources to provide a normalized scoring system.

Current Exploit Price (≈): $0-$5k
Our analysts are monitoring exploit markets and are in contact with vulnerability brokers. The range indicates the observed or calculated exploit price to be seen on exploit markets. A good indicator to understand the monetary effort required for and the popularity of an attack.

CTI Interest Score: 0.00
Our Cyber Threat Intelligence team is monitoring different web sites, mailing lists, exploit markets and social media networks. The CTI Interest Score identifies the interest of attackers and the security community for this specific vulnerability in real-time. A high score indicates an elevated risk to be targeted for this vulnerability.

Summary

A vulnerability described as problematic has been identified in Hyperledger Besu up to 22.7.0. This issue affects the function CALL. The manipulation results in an unsigned conversion. This vulnerability is identified as CVE-2022-36025. The attack can be executed remotely. No exploit is available. Upgrading the affected component is recommended.

Details

A vulnerability classified as critical has been found in Hyperledger Besu up to 22.7.0. Affected is the function CALL. The manipulation with an unknown input leads to an unsigned conversion vulnerability. CWE classifies the issue as CWE-196: the product uses an unsigned primitive and performs a cast to a signed primitive, which can produce an unexpected value if the value of the unsigned primitive cannot be represented using a signed primitive. This has an impact on integrity and availability. CVE summarizes:

Besu is a Java-based Ethereum client. In versions newer than 22.1.3 and prior to 22.7.1, Besu is subject to an Incorrect Conversion between Numeric Types. An error in 32 bit signed and unsigned types in the calculation of available gas in the CALL operations (including DELEGATECALL) results in incorrect gas being passed into called contracts and incorrect gas being returned after call execution. Where the amount of gas makes a difference in the success or failure, or if the gas is a negative 64 bit value, the execution will result in a different state root than expected, resulting in a consensus failure in networks with multiple EVM implementations. In networks with a single EVM implementation this can be used to execute with significantly more gas than the transaction requested, possibly exceeding gas limitations. This issue is patched in version 22.7.1. As a workaround, reverting to version 22.1.3 or earlier will prevent incorrect execution.
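The conversion error class the CVE text describes, shown as an added Java illustration that is not Besu's code: a hypothetical gas calculation narrows a 64-bit gas amount to a 32-bit int, and sign extension hands the callee a negative 64-bit gas value, while the corrected version stays in 64-bit arithmetic. The EIP-150 "all but one 64th" cap, the method names and the sample gas amounts are assumptions made for the example.

```java
// Added example (not Besu's code): how a 32-bit signed/unsigned mix-up turns a
// valid 64-bit gas amount into a negative value. The gas rule is a hypothetical
// simplification of an EVM CALL using the EIP-150 "all but one 64th" cap.
public final class GasConversionDemo {

    // Defective version: gas is narrowed to int, then the int result is widened
    // back to long. Values above Integer.MAX_VALUE (2_147_483_647) wrap negative
    // and the sign bit is extended into the upper 32 bits (CWE-196).
    static long buggyGasForCall(long gasRemaining, long gasRequested) {
        int remaining32 = (int) gasRemaining;           // high 32 bits discarded
        int requested32 = (int) gasRequested;
        int allowance = remaining32 - remaining32 / 64; // "all but one 64th"
        int granted = Math.min(requested32, allowance);
        return granted;                                 // sign-extended to 64 bits
    }

    // Corrected version: stay in 64-bit signed arithmetic and reject negatives
    // up front, so the callee never receives more gas than the caller holds.
    static long fixedGasForCall(long gasRemaining, long gasRequested) {
        if (gasRemaining < 0 || gasRequested < 0) {
            throw new IllegalArgumentException("gas must be non-negative");
        }
        long allowance = gasRemaining - gasRemaining / 64;
        return Math.min(gasRequested, allowance);
    }

    public static void main(String[] args) {
        // Constructed sample values: both exceed what a signed 32-bit int can hold.
        long remaining = 3_000_000_000L;
        long requested = 2_500_000_000L;

        long buggy = buggyGasForCall(remaining, requested);
        long fixed = fixedGasForCall(remaining, requested);

        // The unsigned 32-bit view of the narrowed value is still correct; the
        // damage comes from reading the same bits as a signed int and widening.
        long unsignedView = Integer.toUnsignedLong((int) remaining);

        System.out.println("buggy gas passed to callee : " + buggy);
        System.out.println("fixed gas passed to callee : " + fixed);
        System.out.println("unsigned view of (int) gas : " + unsignedView);
        // Downstream, a negative gas value corrupts gas accounting and therefore
        // the resulting state root, which is the consensus failure the CVE describes.
    }
}
```

Running the class prints a negative value for the buggy path and the requested 2_500_000_000 for the fixed path, so a unit test comparing the two on inputs above Integer.MAX_VALUE is a cheap regression check for this defect class.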

The weakness was released 09/24/2022 as GHSA-4456-w38r-m53x. The advisory is available at github.com. This vulnerability is traded as CVE-2022-36025 since 07/15/2022. Technical details are known, but there is no available exploit.

Upgrading to version 22.7.1 eliminates this vulnerability.

If you want the best quality of vulnerability data, you may have to visit VulDB.

Product

Vendor: Hyperledger
Name: Besu
Version: up to 22.7.0
Website: github.com

CVSSv3

VulDB Meta Base Score: 7.8
VulDB Meta Temp Score: 7.6

VulDB Base Score: 6.5
VulDB Temp Score: 6.2

CNA Base Score (GitHub, Inc.): 9.1

Exploiting

Class: Unsigned conversion
CWE: CWE-196 / CWE-194 / CWE-189

Physical: No
Local: No
Remote: Yes

Status: Not defined

Countermeasures

Recommended: Upgrade

Upgrade: Besu 22.7.1

Timeline

07/15/2022: CVE-2022-36025 assigned
09/24/2022 (+71 days): advisory GHSA-4456-w38r-m53x released
09/24/2022 (+0 days): VulDB entry created
10/23/2022 (+29 days): VulDB entry updated

Sources

Product: github.com

Advisory: GHSA-4456-w38r-m53x
Status: Confirmed

CVE: CVE-2022-36025
GCVE (CVE): GCVE-0-2022-36025
GCVE (VulDB): GCVE-100-209466

Entry

Created: 09/24/2022 08:38
Updated: 10/23/2022 09:31
Changes: 09/24/2022 08:38 (41), 10/23/2022 09:31 (12)
