data/reports/GO-2023-2098.yaml

id: GO-2023-2098
modules:
    - module: github.com/consensys/gnark
      versions:
        - fixed: 0.9.0
      vulnerable_at: 0.9.0-alpha
      packages:
        - package: github.com/consensys/gnark/frontend/cs/r1cs
          symbols:
            - builder.Cmp
            - builder.AssertIsLessOrEqual
            - builder.mustBeLessOrEqVar
            - builder.mustBeLessOrEqCst
          derived_symbols:
            - builder.ToBinary
        - package: github.com/consensys/gnark/frontend/cs/scs
          symbols:
            - builder.Cmp
            - builder.AssertIsLessOrEqual
            - builder.mustBeLessOrEqVar
            - builder.mustBeLessOrEqCst
          derived_symbols:
            - builder.ToBinary
        - package: github.com/consensys/gnark/internal/backend/circuits
          symbols:
            - recursiveHint.Define
        - package: github.com/consensys/gnark/std/math/bits
          symbols:
            - WithNbDigits
summary: |-
    Unsoundness in variable comparison / non-unique binary decomposition in
    github.com/consensys/gnark
cves:
    - CVE-2023-44378
ghsas:
    - GHSA-498w-5j49-vqjg
credits:
    - '@kustosz'
references:
    - report: https://github.com/zkopru-network/zkopru/issues/116
    - fix: https://github.com/Consensys/gnark/pull/835
    - fix: https://github.com/Consensys/gnark/commit/59a4087261a6c73f13e80d695c17b398c3d0934f
    - advisory: https://github.com/advisories/GHSA-498w-5j49-vqjg