GHSA-mjfq-3qr2-6g84: Cosmos EVM Allows Partial Precompile State Writes

May 14, 2025 (updated October 31, 2025)

Setting a lower EVM call gas limit allows a caller to partially execute a precompile and trigger an error at a chosen point in the precompile code without reverting the state that has already been written.

If triggered on the distribution precompile while claiming funds, this could cause funds to be transferred to a user without resetting the claimable rewards to 0. The vulnerability could also be used to cause non-deterministic execution by failing at other points in the code, halting validators.

Any evmOS or Cosmos EVM chain using precompiles is affected.
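A constructed Go model of the failure described above and of the atomic-execution check a precompile host should apply (added illustration, not cosmos/evm code; the snapshot-and-restore remedy is a standard pattern shown here and is not a claim about what the upstream fix commit does). The claim path writes the payout before zeroing the claimable balance; RunDirect leaves that first write in place when gas runs out between the two writes, while RunAtomic restores the pre-call snapshot on any error:

```go
package main

import (
	"errors"
	"fmt"
)

// ErrOutOfGas stands in for the EVM halting a precompile mid-execution.
var ErrOutOfGas = errors.New("out of gas")
// State is a constructed stand-in for the chain KV store, not cosmos/evm code.
type State struct{ KV map[string]uint64 }

func (s *State) snapshot() map[string]uint64 { // copy taken for rollback
	cp := make(map[string]uint64, len(s.KV))
	for k, v := range s.KV {
		cp[k] = v
	}
	return cp
}

// claimRewards models the distribution precompile's claim path: it pays out first
// and only then zeroes the claimable balance; if gas runs out in between, the second write never happens.
func claimRewards(s *State, user string, gas uint64) error {
	s.KV["balance/"+user] += s.KV["claimable/"+user] // first state write
	if gas < 2 { // gas exhausted before the second write
		return ErrOutOfGas
	}
	s.KV["claimable/"+user] = 0 // second state write
	return nil
}

// RunDirect has no rollback: an error mid-call leaves the first write in
// place, which is the partial-write behaviour the advisory describes.
func RunDirect(s *State, user string, gas uint64) error { return claimRewards(s, user, gas) }

// RunAtomic snapshots state before the call and restores it on any error,
// so a partially executed precompile cannot leave a half-applied claim.
func RunAtomic(s *State, user string, gas uint64) error {
	snap := s.snapshot()
	if err := claimRewards(s, user, gas); err != nil {
		s.KV = snap // discard every write the failed call made
		return err
	}
	return nil
}

func main() {
	s := &State{KV: map[string]uint64{"claimable/alice": 100, "balance/alice": 0}}
	fmt.Println(RunAtomic(s, "alice", 1), s.KV) // out of gas map[balance/alice:0 claimable/alice:100]
}
```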

References

  • drive.google.com/file/d/1LfC0WSrQOqwTOW3qfaE6t8Jqf1PLVtS_
  • github.com/advisories/GHSA-mjfq-3qr2-6g84
  • github.com/cosmos/evm
  • github.com/cosmos/evm/commit/0fff8c144b24effbcb3addd666150ba5989d631c
  • github.com/cosmos/evm/security/advisories/GHSA-mjfq-3qr2-6g84

Affected versions

Version 0.1.0

Solution

Unfortunately, there is no solution available yet.

Impact: 8.2 HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

Weakness

  • CWE-94: Improper Control of Generation of Code ('Code Injection')

Source file

go/github.com/cosmos/evm/GHSA-mjfq-3qr2-6g84.yml

Page generated Sat, 08 Nov 2025 12:19:28 +0000.