mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00

Files

Alexander Kjäll f4a8973706 add cve info to advisories (#1099 )

* add cve info to advisories

* Put `aliases` field in the proper place

It should not be under `[versions]`

* move `aliases` to the proper place

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>

2021-11-06 21:37:35 +01:00

962 B

Raw Blame History

[advisory]
id = "RUSTSEC-2021-0075"
package = "ark-r1cs-std"
date = "2021-07-08"
categories = ["crypto-failure"]
keywords = ["r1cs", "zksnark", "arkworks"]
url = "https://github.com/arkworks-rs/r1cs-std/pull/70"
aliases = ["CVE-2021-38194"]

[versions]
patched = [">= 0.3.1"]

[affected]
functions = { "ark_r1cs_std::FieldVar::mul_by_inverse" = ["< 0.3.0"] }

Flaw in `FieldVar::mul_by_inverse` allows unsound R1CS constraint systems

Versions 0.2.0 to 0.3.0 of ark-r1cs-std did not enforce any constraints in the FieldVar::mul_by_inverse method, allowing a malicious prover to produce an unsound proof that passes all verifier checks. This method was used primarily in scalar multiplication for short_weierstrass::ProjectiveVar.

This bug was fixed in commit 47ddbaa, and was released as part of version 0.3.1 on crates.io.

962 B Raw Blame History

Flaw in FieldVar::mul_by_inverse allows unsound R1CS constraint systems

962 B

Raw Blame History

Flaw in `FieldVar::mul_by_inverse` allows unsound R1CS constraint systems