First published: Mon Aug 15 2022(Updated: )
OpenZeppelin Contracts is a library for secure smart contract development. The functions `ECDSA.recover` and `ECDSA.tryRecover` are vulnerable to a kind of signature malleability due to accepting EIP-2098 compact signatures in addition to the traditional 65 byte signature format. This is only an issue for the functions that take a single `bytes` argument, and not the functions that take `r, v, s` or `r, vs` as separate arguments. The potentially affected contracts are those that implement signature reuse or replay protection by marking the signature itself as used rather than the signed message or a nonce included in it. A user may take a signature that has already been submitted, submit it again in a different form, and bypass this protection. The issue has been patched in 4.7.3.
Credit: security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
Openzeppelin Contracts | >=4.1.0<4.7.3 | |
Openzeppelin Contracts Upgradeable | >=4.1.0<4.7.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
This issue has the vulnerability ID CVE-2022-35961.
OpenZeppelin Contracts is a library for secure smart contract development.
The functions ECDSA.recover and ECDSA.tryRecover are vulnerable.
The vulnerability is caused by accepting EIP-2098 compact signatures in addition to the traditional 65 byte signature format.
Versions 4.1.0 through 4.7.3 of OpenZeppelin Contracts are affected.
This vulnerability has a severity rating of 6.5 (high).
The CWE ID for this vulnerability is 354.
To fix this vulnerability, update to OpenZeppelin Contracts version 4.7.3 or higher.
You can find more information about this vulnerability in the following references: [Reference 1](https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3610), [Reference 2](https://github.com/OpenZeppelin/openzeppelin-contracts/releases/tag/v4.7.3), [Reference 3](https://github.com/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-4h98-2769-gh6h).