blob: aeca66e8914d7f39a51a4e948468d4a189996c05 [file] [log] [blame]
id: GO-2024-2471
modules:
- module: github.com/cometbft/cometbft
versions:
- introduced: 0.38.0
- fixed: 0.38.3
vulnerable_at: 0.38.2
packages:
- package: github.com/cometbft/cometbft/types
symbols:
- ConsensusParams.ValidateUpdate
summary: Chain halt panic in github.com/cometbft/cometbft
description: |-
A vulnerability in CometBFT’s validation logic for VoteExtensionsEnableHeight
can result in a chain halt when triggered through a governance parameter change
proposal on an ABCI2 Application Chain. If a parameter change proposal including
a VoteExtensionsEnableHeight modification is passed, nodes running the affected
versions may panic, halting the network.
ghsas:
- GHSA-qr8r-m495-7hc4
credits:
- '@dongsam'
references:
- advisory: https://github.com/cometbft/cometbft/security/advisories/GHSA-qr8r-m495-7hc4
- fix: https://github.com/cometbft/cometbft/commit/5fbc97378b94b0945febe9549399e7c9c5df13ed
review_status: REVIEWED