Nimiq Core Rust Albatross Proposal Body Root Verification Vulnerability
Vulnerability
A vulnerability exists in the Nimiq Core Rust Albatross implementation of the Proof-of-Stake protocol, prior to version 1.2.2. A malicious or compromised validator elected as proposer can submit a macro block proposal with an incorrect body root, which can pass initial verification. This discrepancy may later cause a panic in the code, crashing the validator. The vulnerability impacts only validator nodes.
Impact
Exploitation of this vulnerability can lead to a denial-of-service condition, causing validator nodes to crash.
Reproduction
To reproduce this vulnerability, a validator must be elected as the proposer for a round. The validator can then propose a macro block with an incorrect body root. The proposal will be accepted by other nodes since the verification process only checks the header, not the body root's accuracy. When the mismatch is discovered later in the process, it will cause a panic and crash the validator.
Remediation
Users can upgrade to Nimiq Core Rust Albatross version 1.2.2 or later, where this vulnerability has been fixed.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.