CVE-2023-46232

MEDIUM EPSS 42.6%
Published Oct 25, 20232y ago · Modified Jun 17, 20262w ago
5.3 CVSS 3.1
Medium
Find Similar
Published Oct 25, 2023 2y ago
Last Modified Jun 17, 2026 2w ago

Description

era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to era-compiler-vype version 1.3.10, a bug prevented the initialization of the first immutable variable for Vyper contracts meeting certain criteria. The problem arises when there is a String or Array with more 256-bit words allocated than initialized. It results in the second word’s index unset, that is effectively set to 0, so the first immutable value with the actual 0 index is overwritten in the ImmutableSimulator. Version 1.3.10 fixes this issue by setting all indexes in advance. The problem will go away, but it will get more expensive if the user allocates a lot of uninitialized space, e.g. `String[4096]`. Upgrading and redeploying affected contracts is the only way of working around the issue.

CVSS Details

Base Score
5.3
Exploitability
3.9
Impact
1.4
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Low
Availability None

Threat Intelligence

EPSS Exploit Probability
42.6% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-471

Affected Products 1

VendorProductVersionRange
matter-labszkvyper* <1.3.10

References 3

  • github.com https://github.com/matter-labs/era-compiler-vyper/commit/8be305a1b9c68d0fd47dad3434224ed85944ca25
    Patch
  • github.com https://github.com/matter-labs/era-compiler-vyper/security/advisories/GHSA-h8jv-969m-94r4
    ExploitVendor Advisory
  • github.com https://github.com/matter-labs/era-system-contracts/blob/main/contracts/ImmutableSimulator.sol#L37
    Product

Remediation

  • github.com https://github.com/matter-labs/era-compiler-vyper/commit/8be305a1b9c68d0fd47dad3434224ed85944ca25
    Patch