Nethermind Juno Integer Overflow Vulnerability in Bytecode Decompression Logic Allowing Denial-of-Service

A denial-of-service vulnerability has been identified in Nethermind Juno versions prior to 0.12.05. The issue arises from an integer overflow in the Sierra bytecode decompression logic of the 'cairo-lang-starknet-classes' library. This vulnerability allows remote attackers to cause an infinite loop and high CPU usage by sending a malicious Declare v2 or v3 transaction, disrupting the operation of affected Starknet full-node implementations.

Impact

Exploitation of this vulnerability can lead to full CPU saturation on nodes processing the malicious transaction, causing temporary shutdowns or service stalls. This disruption can halt the interaction between nodes and decentralized applications, especially if multiple full-node operators are targeted in quick succession.

Remediation

Nethermind has developed a security patch for this vulnerability and disseminated updated build instructions to full-node operators. The patch involves applying stricter overflow checks and additional guardrails around integer handling. Full-node operators are encouraged to follow the updated build instructions to apply the patch.