N/A

CVSS Score

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-6fgm-x6ff-w78f

GHSA-6fgm-x6ff-w78f: Potential Denial-of-Service condition leading to temporary disability in IBC transfers to the native chain

Impact

Chains using affected versions of Packet Forward Middleware in their IBC Transfer stack are vulnerable to an attack in which there is a potential denial of service. This affects IBC transfers for any asset which is being transferred between another chain and its native chain.

We recommend upgrading as soon as possible.

THIS IS A STATE BREAKING CHANGE

Patches

Versions 7.2.1 and 8.1.1 are patched.

Workarounds

N/A

References

N/A

(GitHub Advisory)

Miggo Vulnerability Database

→

GHSA-6fgm-x6ff-w78f

GHSA-6fgm-x6ff-w78f:

N/A

CVSS Score

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v7	go	< 7.2.1	7.2.1
github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v8	go	< 8.1.1	8.1.1
github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v4	go	< 7.2.1
github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v5	go	< 7.2.1
github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v6	go	< 7.2.1

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper escrow accounting during IBC packet forwarding. The release notes explicitly mention 'correct escrow accounting' fixes and reference movement between escrow accounts. Based on:

The state-breaking nature of the fix
Commit messages about escrow handling
Typical IBC middleware architecture
Impact description of native chain transfers We infer vulnerabilities in core packet forwarding handlers that manage escrow balances. The high-confidence function is directly referenced in v7 patch context, while the medium-confidence function represents a common entrypoint for packet processing that would require escrow management.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

N/A

-

Basic Information

Basic Information

Concerned about an active attack path?

GHSA-6fgm-x6ff-w78f: Potential Denial-of-Service condition leading to temporary disability in IBC transfers to the native chain

Impact

Patches

Workarounds

References

GHSA-6fgm-x6ff-w78f:

N/A

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

GHSA-6fgm-x6ff-w78f: Potential Denial-of-Service condition leading to temporary disability in IBC transfers to the native chain

Impact

Patches

Workarounds

References

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

N/A

N/A

Basic Information

Basic Information

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI