| id: GO-2023-1882 |
| modules: |
| - module: github.com/cometbft/cometbft |
| versions: |
| - introduced: 0.37.1 |
| fixed: 0.37.2 |
| vulnerable_at: 0.37.1 |
| packages: |
| - package: github.com/cometbft/cometbft/consensus |
| symbols: |
| - PeerState.MarshalJSON |
| summary: Deadlock in github.com/cometbft/cometbft/consensus |
| description: |- |
| An internal modification to the way PeerState is serialized to JSON introduced a |
| deadlock when the new function MarshalJSON is called. |
| |
| This function can be called in two ways. The first is via logs, by setting the |
| consensus logging module to "debug" level (which should not happen in |
| production), and setting the log output format to JSON. The second is via RPC |
| dump_consensus_state. |
| cves: |
| - CVE-2023-34450 |
| ghsas: |
| - GHSA-mvj3-qrqh-cjvr |
| references: |
| - advisory: https://github.com/cometbft/cometbft/security/advisories/GHSA-mvj3-qrqh-cjvr |
| - fix: https://github.com/cometbft/cometbft/pull/524 |
| - fix: https://github.com/cometbft/cometbft/pull/863 |
| - fix: https://github.com/cometbft/cometbft/pull/865 |
| review_status: REVIEWED |