Miggo Logo
Miggo Vulnerability Database
CVE-2021-38195

CVE-2021-38195: Overflow in libsecp256k1

9.8

CVSS Score
3.1

Basic Information

CVE ID
CVE-2021-38195
GHSA ID
GHSA-g4vj-x7v9-h82m
EPSS Score
0.38812%
CWE
CWE-190
Published
8/25/2021
Updated
2/3/2023
KEV Status
No
Technology
TechnologyRust

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
libsecp256k1rust< 0.5.00.5.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from signature parsing functions that didn't validate curve order constraints. The GitHub PR #67 explicitly shows these functions were renamed to parse_overflowing/parse_overflowing_slice in the fix, while new parse_standard functions with proper checks were added. Before 0.5.0, these were the primary parsing methods without overflow validation, matching the CWE-190 and CWE-347 descriptions. The file path is confirmed from commit diffs and advisory details.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n issu* w*s *is*ov*r** in t** li*s**p***k* *r*t* ***or* *.*.* *or Rust. It **n v*ri*y *n inv*li* si*n*tur* ****us* it *llows t** R or S p*r*m*t*r to ** l*r**r t**n t** *urv* or**r, *k* *n ov*r*low.

Reasoning

T** vuln*r**ility st*mm** *rom si*n*tur* p*rsin* *un*tions t**t *i*n't v*li**t* *urv* or**r *onstr*ints. T** *it*u* PR #** *xpli*itly s*ows t**s* *un*tions w*r* r*n*m** to p*rs*_ov*r*lowin*/p*rs*_ov*r*lowin*_sli** in t** *ix, w*il* n*w p*rs*_st*n**r*