CVE-2021-41138 : Frontier is Substrate's Ethereum compatibility layer. In the newly introduced si

Frontier is Substrate's Ethereum compatibility layer. In the newly introduced signed Frontier-specific extrinsic for `pallet-ethereum`, a large part of transaction validation logic was only called in transaction pool validation, but not in block execution. Malicious validators can take advantage of this to put invalid transactions into a block. The attack is limited in that the signature is always validated, and the majority of the validation is done again in the subsequent `pallet-evm` execution logic. However, do note that a chain ID replay attack was possible. In addition, spamming attacks are of main concerns, while they are limited by Substrate block size limits and other factors. The issue is patched in commit `146bb48849e5393004be5c88beefe76fdf009aba`.

Published 2021-10-13 16:15:08

Updated 2021-10-20 16:45:02

Source GitHub, Inc.

View at NVD, CVE.org

Vulnerability category: Input validation

Products affected by CVE-2021-41138

Parity » Frontier
Versions from including (>=) 2021-09-30 and before (<) 2021-10-13
cpe:2.3:a:parity:frontier:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-41138

EPSS FAQ

0.58%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 66 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-41138

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	3.9	1.4	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: Low Availability: None
5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	3.9	1.4	GitHub, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: Low Availability: None

CWE ids for CVE-2021-41138

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Assigned by:
- nvd@nist.gov (Primary)
- security-advisories@github.com (Secondary)

References for CVE-2021-41138

https://github.com/paritytech/frontier/commit/146bb48849e5393004be5c88beefe76fdf009aba

Fix security issue: transaction validity controls must be executed in… · paritytech/frontier@146bb48 · GitHub
Patch;Third Party Advisory
https://github.com/paritytech/frontier/pull/497

Ensure no error is possible in `apply_validated_transaction` and fix `correct_and_deposit_fee` by sorpaas · Pull Request #497 · paritytech/frontier · GitHub
Patch;Third Party Advisory
https://github.com/paritytech/frontier/security/advisories/GHSA-vj62-g63v-f8mf

Validity check for signed Frontier-specific extrinsic not called in block execution · Advisory · paritytech/frontier · GitHub
Patch;Third Party Advisory

Jump to

Vulnerability Details : CVE-2021-41138

Products affected by CVE-2021-41138

Exploit prediction scoring system (EPSS) score for CVE-2021-41138

CVSS scores for CVE-2021-41138

CWE ids for CVE-2021-41138

References for CVE-2021-41138