Ledger Bitcoin App Address Derivation Vulnerability

Vulnerability

Ledger Bitcoin app versions 2.1.0 and 2.1.1 mishandle miniscript wallet policies that contain the 'a:' fragment (the miniscript altstack wrapper). For such a policy the app derives and displays an incorrect Bitcoin address, so the receiving address the user verifies on the device screen does not correspond to the script the policy actually encodes. An attacker who can supply a crafted miniscript policy to the device can therefore cause it to show an incorrect receiving address, potentially leading funds to be sent to an unintended destination.

Impact

Funds may be sent to an incorrect Bitcoin address. Because the address the device displays for an affected policy is not the one the policy actually encodes, the on-screen address verification that a hardware wallet is supposed to provide cannot be relied on for policies using the 'a:' fragment on the affected app versions.

Remediation

Upgrade the Ledger Bitcoin app to version 2.1.2, which corrects the handling of the 'a:' fragment. In addition, all three client libraries for the Ledger Bitcoin app have been updated to reject miniscript policies containing the 'a:' fragment when the connected app is one of the affected versions, which reduces the risk of a software wallet using an incorrect receiving address obtained from an unpatched device. A policy that uses the 'a:' fragment should not be registered or used with an app at version 2.1.0 or 2.1.1.
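The following is an added, self-contained example of the kind of client-side guard the remediation describes; it is not the code of Ledger's own client libraries, whose implementation the page does not describe. It assumes the Ledger wallet-policy descriptor-template syntax (key placeholders such as @0/**, fragments such as and_v, or_b, thresh) and the miniscript rule that one or more wrapper letters are written before a single colon, so the 'a' wrapper can also appear inside a chain such as 'ac:'. The affected-version set, the regular expression and the exception type are the example's own choices, not anything taken from the advisory. It also shows why a plain substring search for "a:" is not a sufficient check.

```python
import re
from typing import List, Tuple

# App versions the advisory names as affected (assumption: the set is complete).
AFFECTED_APP_VERSIONS = {(2, 1, 0), (2, 1, 1)}

# Miniscript wrapper letters. Several may be chained before one colon, e.g.
# "sln:older(n)" means s(l(n(older(n)))), and "ac:pk_k(K)" means a(c(pk_k(K))),
# so the altstack wrapper 'a' is not always immediately followed by ':'.
# A chain is recognised only at the start of the template or right after
# '(' or ',', which is where a sub-expression begins in descriptor syntax.
WRAPPER_CHAIN = re.compile(r"(?:^|[(,])([acdjlnstuv]+):")


def wrapper_chains(template: str) -> List[str]:
    """Return every wrapper chain (the letters before a colon) in a template."""
    return WRAPPER_CHAIN.findall(template.replace(" ", ""))


def uses_a_wrapper(template: str) -> bool:
    """True if any wrapper chain in the descriptor template contains 'a'."""
    return any("a" in chain for chain in wrapper_chains(template))


def naive_substring_check(template: str) -> bool:
    """The insufficient check: misses 'a' inside a chain such as 'ac:'."""
    return "a:" in template


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn an app version string like '2.1.1' into a comparable tuple."""
    return tuple(int(part) for part in version.strip().split("."))


class UnsafePolicyForAppVersion(Exception):
    """Raised when a policy must not be used with the connected app version."""


def check_policy(template: str, app_version: str) -> bool:
    """Refuse 'a:' policies on affected app versions; return True when allowed.

    Constructed guard modelled on the remediation text, not the libraries' code.
    """
    if parse_version(app_version) in AFFECTED_APP_VERSIONS and uses_a_wrapper(template):
        raise UnsafePolicyForAppVersion(
            f"policy uses the 'a:' wrapper, which Bitcoin app {app_version} "
            "renders incorrectly; upgrade the app to 2.1.2 or later"
        )
    return True


if __name__ == "__main__":
    # Constructed templates (placeholders stand for keys supplied separately).
    plain = "wsh(and_v(v:pk(@0/**),older(12960)))"
    altstack = "wsh(or_b(pk(@0/**),a:pk(@1/**)))"
    chained = "wsh(thresh(2,pk(@0/**),s:pk(@1/**),ac:pk_k(@2/**)))"
    for name, tpl in (("plain", plain), ("altstack", altstack), ("chained", chained)):
        print(name, wrapper_chains(tpl), "a-wrapper:", uses_a_wrapper(tpl),
              "naive:", naive_substring_check(tpl))
    for version in ("2.1.1", "2.1.2"):
        try:
            check_policy(altstack, version)
            print(version, "accepted")
        except UnsafePolicyForAppVersion as exc:
            print(version, "rejected:", exc)
```

Run stand-alone it shows the 'chained' template being flagged by the wrapper parser but not by the substring search, and the altstack template being rejected for 2.1.1 and accepted for 2.1.2. A real client would obtain the version from the device rather than from a string, and would apply the check before registering a policy or requesting an address, so that an affected app is never asked to display one.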

Added: May 20, 2026, 4:31 PM
Updated: May 20, 2026, 4:31 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.2
remediation: 0.0
relevance: 8.9
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.