Lucene search

GoogleOSV:PYSEC-2023-131

HistoryApr 24, 2023 - 10:15 p.m.

PYSEC-2023-131

2023-04-2422:15:00

Google

osv.dev

vyper

smart contract language

ethereum virtual machine

bytecode

raw_call

patch

workaround

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

39.8%

JSON

Vyper is a Pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.1 through 0.3.7, the Vyper compiler generates the wrong bytecode. Any contract that uses the raw_call with revert_on_failure=False and max_outsize=0 receives the wrong response from raw_call. Depending on the memory garbage, the result can be either True or False. A patch is available and, as of time of publication, anticipated to be part of Vyper 0.3.8. As a workaround, one may always put max_outsize>0.

CPENameOperatorVersion
vypereq0.3.6
vypereq0.3.2
vypereq0.3.3
vypereq0.3.4
vypereq0.3.5
vypereq0.3.7
vypereq0.3.1

Name	Operator	Version
vyper	eq	0.3.6
vyper	eq	0.3.2
vyper	eq	0.3.3
vyper	eq	0.3.4
vyper	eq	0.3.5
vyper	eq	0.3.7
vyper	eq	0.3.1

References

docs.vyperlang.org/en/v0.3.7/built-in-functions.html#raw_call

github.com/lidofinance/gate-seals/blob/051593e74df01a4131c485b4fda52e691cd4b7d8/contracts/GateSeal.vy#L164

github.com/lidofinance/gate-seals/pull/5/files

github.com/vyperlang/vyper/commit/851f7a1b3aa2a36fd041e3d0ed38f9355a58c8ae

github.com/vyperlang/vyper/security/advisories/GHSA-w9g2-3w7p-72g9

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

39.8%

JSON

Related for OSV:PYSEC-2023-131