5.9

CVSS Score

3.1

Basic Information

CVE ID

CVE-2025-59941

GHSA ID

GHSA-7pq9-rf9p-wcrf

EPSS Score

CWE

CWE-305

Published

9/29/2025

Updated

9/29/2025

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-59941

CVE-2025-59941: go-f3 Vulnerable to Cached Justification Verification Bypass

Description

A vulnerability exists in go-f3's justification verification caching mechanism where verification results are cached without properly considering the context of the message. An attacker can bypass justification verification by:

First submitting a valid message with a correct justification
Then reusing the same cached justification in contexts where it would normally be invalid

This occurs because the cached verification does not properly validate the relationship between the justification and the specific message context it's being used with.

Impact

Potential consensus integrity issues through invalid justification acceptance
Could affect network liveness if exploited systematically
May allow malicious actors to influence consensus decisions with invalid justifications
Requires significant power (350+ TiB due to power table rounding) to meaningfully exploit
It would also be difficult to exploit in a synchronised fashion, such that >1/3 of the network goes down at one time. This isn't a one-msg panic, where you can spam it and bring everyone down, because every node will have a different amount of memory andmany SPs also run redundant lotus nodes.

Patches

The fix was merged and released with go-f3 0.8.9. All node software (Lotus, Forest, Venus) are using a patched version of go-f3 with their updates for the nv27 network upgrade.

Workarounds

The are no immediate workarounds available. Nodes should upgrade to the patched version, which they will have done if participating in nv27 on Filecoin mainnet.

Credits

The bug was reported by @lgprbs via our bug bounty program. Thank you for the contributions.

(GitHub Advisory)

5.9

CVSS Score

3.1

Basic Information

CVE ID

CVE-2025-59941

GHSA ID

GHSA-7pq9-rf9p-wcrf

EPSS Score

CWE

CWE-305

Published

9/29/2025

Updated

9/29/2025

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/filecoin-project/go-f3	go	< 0.8.9	0.8.9

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability, identified as GHSA-7pq9-rf9p-wcrf, is a caching issue within the go-f3 library's justification verification process. The root cause is that the caching mechanism for validation results did not properly account for the message context.

The function cachingValidator.validateJustification in gpbft/validator.go was using a cache key for justifications that was generated only from the content of the justification itself. The cachingValidator.getCacheKey function was responsible for this behavior. Consequently, if a justification was validated once in a correct context, its validation result would be cached. An attacker could then reuse this same justification in a different, invalid context (e.g., for a different message value). The system would find the cached result based on the justification's hash and incorrectly skip the full validation, leading to the acceptance of an invalid message.

The patch addresses this by making the cache key more specific. It modifies cachingValidator.getCacheKey to accept additional data. The cachingValidator.validateJustification function is updated to pass the expectedVoteValueKey (a key derived from the value being voted on in the message) to getCacheKey. This ensures that the cache key is now a composite of the justification and the context in which it is used, effectively preventing the reuse of cached validations across different contexts and closing the vulnerability.

Vulnerable functions

cachingValidator.validateJustification

gpbft/validator.go

This function is responsible for validating justifications for messages in the consensus protocol. The vulnerability lies in its caching mechanism. It previously cached the validation result of a justification using a key that only depended on the justification itself, not the specific message or value it was justifying. This allowed an attacker to submit a message with a valid justification, have its validation result cached, and then reuse that same justification for a different, malicious message, bypassing the actual validation logic due to the cache hit.

cachingValidator.getCacheKey

gpbft/validator.go

This helper function generates the key used for caching validation results. The original implementation created a key based solely on the CBOR-marshaled justification object. This was the root cause of the vulnerability, as it failed to create a unique key for each validation context. The patch rectifies this by allowing additional data (specifically, the `expectedVoteValueKey` from the message being validated) to be appended to the key, thus ensuring the cache key is unique to the justification and its context.

WAF Protection Rules

WAF Rule

### **s*ription * vuln*r**ility *xists in *o-**'s justi*i**tion v*ri*i**tion ****in* m****nism w**r* v*ri*i**tion r*sults *r* ****** wit*out prop*rly *onsi**rin* t** *ont*xt o* t** m*ss***. *n *tt**k*r **n *yp*ss justi*i**tion v*ri*i**tion *y: *. *ir

Reasoning

T** vuln*r**ility, i**nti*i** *s **S*-*pq*-r**p-w*r*, is * ****in* issu* wit*in t** `*o-**` li*r*ry's justi*i**tion v*ri*i**tion pro**ss. T** root **us* is t**t t** ****in* m****nism *or v*li**tion r*sults *i* not prop*rly ***ount *or t** m*ss*** *on

5.9

Basic Information

Concerned about an active attack path?

CVE-2025-59941: go-f3 Vulnerable to Cached Justification Verification Bypass

Description

Impact

Patches

Workarounds

Credits

5.9

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI