—
RUSTSEC-2021-0156
Triton VM Soundness Vulnerability due to Missing Constraint
Details
The instruction `sponge_absorb_mem` Triton VM fails to verify that hashed values come from the claimed memory location. Malicious provers can substitute arbitrary data instead of actual memory contents.
Any application using instruction `sponge_absorb_mem` to hash memory data can be given a proof for a forged hash that doesn't correspond to the actual memory. This breaks the security of memory-based commitments.
The flaw was corrected in commits `17c7ba0a` and `ef9d9e72` by including the appropriate constraints.
Are you affected?
Enter the version of the package you're using.
Affected packages
crates.io / triton-vm
Introduced in:
0.42.0-alpha.4 Fixed in: 4.0.0 Upgrade triton-vm to 4.0.0 or newer (ecosystem crates.io).
References
- https://crates.io/crates/triton-vm [PACKAGE]
- https://rustsec.org/advisories/RUSTSEC-2021-0156.html [ADVISORY]