nvd-json-data-feeds/CVE-2021/CVE-2021-412xx/CVE-2021-41272.json

{
  "id": "CVE-2021-41272",
  "sourceIdentifier": "security-advisories@github.com",
  "published": "2021-12-13T21:15:09.083",
  "lastModified": "2024-11-21T06:25:56.277",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Besu is an Ethereum client written in Java. Starting in version 21.10.0, changes in the implementation of the SHL, SHR, and SAR operations resulted in the introduction of a signed type coercion error in values that represent negative values for 32 bit signed integers. Smart contracts that ask for shifts between approximately 2 billion and 4 billion bits (nonsensical but valid values for the operation) will fail to execute and hence fail to validate. In networks where vulnerable versions are mining with other clients or non-vulnerable versions this will result in a fork and the relevant transactions will not be included in the fork. In networks where vulnerable versions are not mining (such as Rinkeby) no fork will result and the validator nodes will stop accepting blocks. In networks where only vulnerable versions are mining the relevant transaction will not be included in any blocks. When the network adds a non-vulnerable version the network will act as in the first case. Besu 21.10.2 contains a patch for this issue. Besu 21.7.4 is not vulnerable and clients can roll back to that version. There is a workaround available: Once a transaction with the relevant shift operations is included in the canonical chain, the only remediation is to make sure all nodes are on non-vulnerable versions."
    },
    {
      "lang": "es",
      "value": "Besu es un cliente de Ethereum escrito en Java. A partir de la versi\u00f3n 21.10.0, los cambios en la implementaci\u00f3n de las operaciones SHL, SHR y SAR resultaron en la introducci\u00f3n de un error de coerci\u00f3n de tipo con signo en valores que representan valores negativos para enteros con signo de 32 bits. Los contratos inteligentes que piden desplazamientos entre aproximadamente 2.000 millones y 4.000 millones de bits (valores sin sentido pero v\u00e1lidos para la operaci\u00f3n) fallar\u00e1n en la ejecuci\u00f3n y, por tanto, en la comprobaci\u00f3n. En las redes en las que las versiones vulnerables est\u00e9n minando con otros clientes o versiones no vulnerables ser\u00e1 producida una bifurcaci\u00f3n y las transacciones correspondientes no ser\u00e1n incluidas en la bifurcaci\u00f3n. En redes donde las versiones vulnerables no est\u00e1n minando (como Rinkeby) no ser\u00e1 producida ninguna bifurcaci\u00f3n y los nodos comprobadores dejar\u00e1n de aceptar bloques. En las redes en las que s\u00f3lo minan las versiones vulnerables, la transacci\u00f3n correspondiente no ser\u00e1 incluida en ning\u00fan bloque. Cuando la red a\u00f1ada una versi\u00f3n no vulnerable la red actuar\u00e1 como en el primer caso. Besu versi\u00f3n 21.10.2 contiene un parche para este problema. Besu versi\u00f3n 21.7.4 no es vulnerable y los clientes pueden volver a esa versi\u00f3n. Se presenta una soluci\u00f3n disponible: Una vez que una transacci\u00f3n con las operaciones de cambio pertinentes es incluida en la cadena can\u00f3nica, la \u00fanica soluci\u00f3n es asegurarse de que todos los nodos est\u00e1n en versiones no vulnerables"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security-advisories@github.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "baseScore": 5.0,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "PARTIAL"
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security-advisories@github.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-681"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:linuxfoundation:besu:21.10.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2FDDEA0-D513-4C33-8001-83A2DE4CEAEE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:linuxfoundation:besu:21.10.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8A6E500F-A15A-432C-BA08-CEF7868B12C3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:linuxfoundation:besu:21.10.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B2CE0FEE-071A-4BDD-BAD6-41F2DB7F52A9"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:linuxfoundation:besu:21.10.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "918662C1-AC2E-49AE-9486-916291AE325E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:linuxfoundation:besu:21.10.0:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "AF3AA73B-FA49-4C84-A6B3-18D04A3154AE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:linuxfoundation:besu:21.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA39AB7F-5479-458A-A602-53603138DF6F"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/hyperledger/besu/commit/4170524ac3b45185704fcfbdeeb71b0b05dfa0a1",
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/hyperledger/besu/pull/3039",
      "source": "security-advisories@github.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/hyperledger/besu/security/advisories/GHSA-7pg2-p5vj-xp5h",
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/hyperledger/besu/commit/4170524ac3b45185704fcfbdeeb71b0b05dfa0a1",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/hyperledger/besu/pull/3039",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/hyperledger/besu/security/advisories/GHSA-7pg2-p5vj-xp5h",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ]
    }
  ]
}