GMS-2023-3837: Cosmos packet-forward-middleware vulnerable to chain-halt
The Cosmos SDK is used for Inter-Blockchain Communication Protocol (IBC) applications and middleware. The packet-forward-middleware module is an IBC middleware module built for Cosmos blockchains that use the IBC protocol; it routes incoming IBC packets from a source chain to a destination chain. The packet-forward-middleware module is vulnerable to a potential chain halt due to error non-determinism.
Patches
Please patch at your earliest convenience by applying one of the following patch versions, according to the chain's ibc-go major version: v4.1.1, v5.2.1, v6.1.1.
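One way to check a chain's go.mod against the patched versions above, as an added example that is not part of the advisory or the project's code. It matches any module path containing packet-forward-middleware rather than assuming a hosting organisation; the example.com paths are constructed, and treating later releases on a listed major line as patched is an assumption.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Patched releases named in the advisory: major -> {minor, patch}.
var fixed = map[int][2]int{4: {1, 1}, 5: {2, 1}, 6: {1, 1}}

// Any module path containing packet-forward-middleware plus its version; the
// hosting organisation is not assumed. Group 5 is a pre-release suffix.
var reqRe = regexp.MustCompile(`(\S*packet-forward-middleware\S*)\s+v(\d+)\.(\d+)\.(\d+)(-\S+)?`)

// Status returns "patched", "vulnerable", or "unknown" (no fix listed for
// that major). Assumption: pre-releases of a fixed version count as vulnerable.
func Status(major, minor, patch int, pre bool) string {
	f, ok := fixed[major]
	switch {
	case !ok:
		return "unknown"
	case minor > f[0], minor == f[0] && patch > f[1], minor == f[0] && patch == f[1] && !pre:
		return "patched"
	}
	return "vulnerable"
}

// Scan returns one "module vX.Y.Z: status" entry per matching go.mod line.
func Scan(gomod string) []string {
	var out []string
	for _, line := range strings.Split(gomod, "\n") {
		m := reqRe.FindStringSubmatch(line)
		if m == nil || strings.HasPrefix(strings.TrimSpace(line), "//") {
			continue
		}
		var maj, mn, pa int
		fmt.Sscanf(m[2]+" "+m[3]+" "+m[4], "%d %d %d", &maj, &mn, &pa)
		out = append(out, fmt.Sprintf("%s v%d.%d.%d%s: %s", m[1], maj, mn, pa, m[5], Status(maj, mn, pa, m[5] != "")))
	}
	return out
}

// Constructed sample input; the example.com module paths are placeholders.
const sample = "require (\n\texample.com/org/packet-forward-middleware/v4 v4.1.0\n\texample.com/org/ibc-go/v4 v4.4.2\n)\n"

func main() {
	fmt.Println(strings.Join(Scan(sample), "\n"))
}
```

For a `replace` directive the match lands on the right-hand side, so the status reflects the module version that is actually built.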