CVE-2024-32644
CRITICALDescription
Evmos is a scalable, high-throughput Proof-of-Stake EVM blockchain that is fully compatible and interoperable with Ethereum. Prior to 17.0.0, there is a way to mint arbitrary tokens due to the possibility to have two different states not in sync during the execution of a transaction. The exploit is based on the fact that to sync the Cosmos SDK state and the EVM one, we rely on the `stateDB.Commit()` method. When we call this method, we iterate though all the `dirtyStorage` and, **if and only if** it is different than the `originStorage`, we set the new state. Setting the new state means we update the Cosmos SDK KVStore. If a contract storage state that is the same before and after a transaction, but is changed during the transaction and can call an external contract after the change, it can be exploited to make the transaction similar to non-atomic. The vulnerability is **critical** since this could lead to drain of funds through creative SC interactions. The issue has been patched in versions >=V17.0.0.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| evmos | evmos |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-32644? +
How severe is CVE-2024-32644? +
What products are affected by CVE-2024-32644? +
How do I check if I'm vulnerable to CVE-2024-32644? +
Related Vulnerabilities
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper …
vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single expression is possible in the …
A Missing Synchronization vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on ACX5448 and ACX710 allows …
In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure trace_clock_global() to never block It was reported that …
FISCO BCOS 3.11.0 has an issue with synchronization of the transaction pool that can, for example, be observed when a …
A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of …