Advisories for Golang/Github.com/Filecoin-Project/Go-F3 package

2025

go-f3 Vulnerable to Cached Justification Verification Bypass

A vulnerability exists in go-f3's justification verification caching mechanism where verification results are cached without properly considering the context of the message. An attacker can bypass justification verification by first submitting a valid message with a correct justification, then reusing the same cached justification in contexts where it would normally be invalid. This occurs because the cached verification does not properly validate the relationship between the justification and the specific …

go-f3 module vulnerable to integer overflow leading to panic

Filecoin nodes consuming F3 messages are vulnerable. go-f3 panics when it validates a "poison" message. A "poison" message can cause an integer overflow in the signer index validation. In Lotus' case, the whole node will crash. There is no barrier to entry. An attacker doesn't need any power to pull off this attack. These malicious messages aren't self-propagating since the bug is in the validator. An attacker needs to directly …