Stack overflow

2021-05-0613:15:00

PRIOn knowledge base

www.prio-n.com

8.9 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%

JSON

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereum_extractThorchainSwapData() in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is reachable remotely over WebUSB.

CPENameOperatorVersion
keepkey_firmwarege7.0.3
keepkey_firmwarelt7.1.0

CPE	Name	Operator	Version
	keepkey_firmware	ge	7.0.3
	keepkey_firmware	lt	7.1.0

References

blog.inhq.net/posts/keepkey-CVE-2021-31616/

github.com/keepkey/keepkey-firmware/commit/e49d45594002d4d3fbc1f03488e6dfc0a0a65836

github.com/keepkey/keepkey-firmware/releases/tag/v7.1.0

shapeshift.com/library/keepkey-important-update-issued-april-4-required