GHSA-f77q-r5qm-w4m8: 
Rust vulnerability analysis and mitigation

The vulnerability (GHSA-f77q-r5qm-w4m8) affects sp1-recursion-gnark-ffi package versions prior to 1.2.0, discovered on September 3rd, 2024. The issue involves insufficient range checks of BabyBear arithmetic in the Gnark recursion circuit, specifically when constraining arithmetic over BabyBear in the context of the BN254 scalar field ZKP circuit (GitHub Advisory).

The vulnerability stems from inadequate range checking of Bn254 values against the BabyBear modulus. Specifically, functions like InvF and InvE utilized values generated by hints without appropriate range validation. The issue has been assigned a CVSS v4.0 score of 6.9 (Moderate), with a vector string of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N (GitHub Advisory).

The vulnerability primarily affects the integrity of the system, with the CVSS metrics indicating a low integrity impact on the vulnerable system. There are no reported impacts on confidentiality or availability, and no subsequent system impacts have been identified (GitHub Advisory).

The vulnerability has been patched in version 1.2.0 by implementing appropriate range checks. The fix was released within 48 hours of discovery, and the V1.1.0 verifier was frozen on September 4th to prevent usage of vulnerable versions. Users should upgrade to version 1.2.0 or later (note that V2.0.0 contains the same contents as V1.2.0 to respect semver) (GitHub Advisory).

The code was originally audited by Veridise, and both Veridise and Kalos conducted follow-up reviews for similar issues, finding no additional vulnerabilities. Production SP1 users were promptly notified and upgraded following the discovery (GitHub Advisory).