GHSA-j496-crgh-34mx: ibc-go: Potential Reentrancy using Timeout Callbacks in ibc-hooks
Through the deployment and subsequent use of a malicious CosmWasm contract via IBC interactions, an attacker could potentially execute the same MsgTimeout inside the IBC hook for the OnTimeout callback before the packet commitment is deleted. On chains where ibc-hooks wraps ICS-20, this vulnerability may allow for the logic of the OnTimeout callback of the transfer application to be recursively executed, leading to a condition that may present the opportunity for the loss of funds from the escrow account or unexpected minting of tokens.
References
- github.com/advisories/GHSA-j496-crgh-34mx
- github.com/cosmos/ibc-go
- github.com/cosmos/ibc-go/commit/04275aa77644dec97fb91b749d963c992591b7f7
- github.com/cosmos/ibc-go/commit/278fa89f192af04af32d82fd5ef41f84f82edd97
- github.com/cosmos/ibc-go/commit/5e2e9ebc2f67df324028dd36a1837ffcc8e6b0dd
- github.com/cosmos/ibc-go/commit/a0185df3953070ba5ebcb66735925449d1dbe729
- github.com/cosmos/ibc-go/commit/e78b3a2b9c9ce80a67d6b1c2b7f9abcb225cc219
- github.com/cosmos/ibc-go/security/advisories/GHSA-j496-crgh-34mx
Code Behaviors & Features
Detect and mitigate GHSA-j496-crgh-34mx with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →