CVE-2024-35229

ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to version 1.3.10, there is a very specific pattern `f(a(),b()); check_if_a_executed_last()` in Yul that exposes a bug in evaluation order of Yul function arguments. This vulnerability has been fixed in version 1.3.10. As a workaround, update and redeploy affected contracts.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/matter-labs/era-compiler-solidity/commit/46ce047b51576495779b9f67534207d8154eab79
https://github.com/matter-labs/era-compiler-solidity/security/advisories/GHSA-jf9w-7f5g-j95p
https://github.com/matter-labs/era-compiler-solidity/commit/46ce047b51576495779b9f67534207d8154eab79
https://github.com/matter-labs/era-compiler-solidity/security/advisories/GHSA-jf9w-7f5g-j95p

Configurations

No configuration.

History

21 Nov 2024, 09:19

Type	Values Removed	Values Added
References	~~() https://github.com/matter-labs/era-compiler-solidity/commit/46ce047b51576495779b9f67534207d8154eab79 -~~	() https://github.com/matter-labs/era-compiler-solidity/commit/46ce047b51576495779b9f67534207d8154eab79 -
References	~~() https://github.com/matter-labs/era-compiler-solidity/security/advisories/GHSA-jf9w-7f5g-j95p -~~	() https://github.com/matter-labs/era-compiler-solidity/security/advisories/GHSA-jf9w-7f5g-j95p -

28 May 2024, 12:39

Type	Values Removed	Values Added
Summary		(es) ZKsync Era es un paquete acumulativo de capa 2 que utiliza pruebas de conocimiento cero para escalar Ethereum. Antes de la versión 1.3.10, existía un patrón muy específico `f(a(),b()); check_if_a_executed_last()` en Yul que expone un error en el orden de evaluación de los argumentos de la función Yul. Esta vulnerabilidad se ha solucionado en la versión 1.3.10. Como workaround, actualice y vuelva a implementar los contratos afectados.

27 May 2024, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-27 17:15

Updated : 2024-11-21 09:19

NVD link : CVE-2024-35229

Mitre link : CVE-2024-35229

CVE.ORG link : CVE-2024-35229

JSON object : View

Products Affected

No product.

CWE

CWE-696

Incorrect Behavior Order

5.3 /10