
GHSA-qfc5-6r3j-jj22
vulnerability analysis and mitigation

Overview

The vulnerability (GHSA-qfc5-6r3j-jj22) affects the x/crisis module of the Cosmos SDK (github.com/cosmos/cosmos-sdk). Disclosed in March 2023, it affects every version of the x/crisis module across all Cosmos SDK releases up to and including 0.47.2. The core issue is that the module fails to perform its primary security function: halting the chain when an invariant violation is reported through a transaction (GitHub Advisory).

Technical details

The x/crisis module is meant to halt a chain when a violated invariant is detected through a MsgVerifyInvariant message: the message handler runs the named invariant and panics if it fails, on the assumption that the panic will take the node down. However, the SDK's transaction runner (BaseApp) wraps message execution in a panic-recovery handler, so the panic is caught and the transaction is simply reported as failed; the block is committed and the chain keeps producing blocks. Nodes started with the '--inv-check-period X' parameter do halt, because the periodic check runs in EndBlock, where a panic is not recovered, but that configuration is rarely used in production because running every registered invariant every X blocks is expensive (GitHub Advisory). In practice this means submitting MsgVerifyInvariant against a broken invariant yields nothing more than a failed transaction while block production continues.
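The two execution paths described above, as an added example that is not the Cosmos SDK's own code: a toy model in Go in which the transaction path carries the deferred recover that BaseApp uses, and the EndBlock path does not. The State, Invariant, runTx, endBlock and escapes names, and the constructed ledger with a deliberate supply mismatch, are assumptions of the model; only the presence of recover in the transaction path and its absence in EndBlock correspond to the SDK behaviour the advisory describes.

```go
package main

import (
	"fmt"
)

// Invariant is a state sanity check. It returns a description and true when
// the invariant is broken; this mirrors the shape of Cosmos SDK invariants
// (which take an sdk.Context instead of this toy *State). Assumption of the model.
type Invariant func(s *State) (string, bool)

// State is a constructed toy ledger standing in for real module state.
type State struct {
	Height   int64
	Balances map[string]int64
	Supply   int64
}

// totalSupplyInvariant requires the sum of all balances to equal the recorded
// total supply, the kind of check a bank module registers with x/crisis.
func totalSupplyInvariant(s *State) (string, bool) {
	var sum int64
	for _, b := range s.Balances {
		sum += b
	}
	if sum != s.Supply {
		return fmt.Sprintf("balances sum to %d but supply is %d", sum, s.Supply), true
	}
	return "", false
}

// assertInvariant is what x/crisis does when asked to verify an invariant:
// it panics on failure, intending the panic to take the node down.
func assertInvariant(s *State, name string, inv Invariant) {
	if msg, broken := inv(s); broken {
		panic(fmt.Sprintf("invariant %s broken: %s", name, msg))
	}
}

// runTx models the SDK transaction path. The deferred recover is the root
// cause: a panic raised by any message handler, including the one for
// MsgVerifyInvariant, is converted into an ordinary failed transaction.
func runTx(handler func()) (err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("tx failed (panic recovered): %v", r)
		}
	}()
	handler()
	return nil
}

// endBlock models the periodic check enabled by --inv-check-period X. There is
// no recover here, so a broken invariant panics all the way out and halts the node.
func endBlock(s *State, period int64, invs map[string]Invariant) {
	if period == 0 || s.Height%period != 0 {
		return
	}
	for name, inv := range invs {
		assertInvariant(s, name, inv)
	}
}

// escapes reports whether f panics without recovering. It exists only so the
// demo can observe the EndBlock halt without killing the process.
func escapes(f func()) (panicked bool) {
	defer func() {
		if r := recover(); r != nil {
			panicked = true
		}
	}()
	f()
	return false
}

func main() {
	// Constructed state with a deliberately broken invariant: balances total 90, supply says 100.
	s := &State{Height: 10, Balances: map[string]int64{"alice": 50, "bob": 40}, Supply: 100}
	invs := map[string]Invariant{"bank/total-supply": totalSupplyInvariant}

	// 1. MsgVerifyInvariant path: the panic is swallowed and the chain carries on.
	err := runTx(func() { assertInvariant(s, "bank/total-supply", totalSupplyInvariant) })
	fmt.Println("tx result:", err)
	s.Height++ // the next block is still produced
	fmt.Println("chain still running at height", s.Height)

	// 2. --inv-check-period path: the same panic escapes EndBlock and halts the node.
	halted := escapes(func() { endBlock(s, 1, invs) })
	fmt.Println("EndBlock halted node:", halted)
}
```

The point of the model is the asymmetry: the same assertInvariant call either becomes an error value (inside runTx) or an unrecovered panic (inside endBlock), and only the latter stops the process. Whether a real node ever reaches the second path depends entirely on --inv-check-period being set.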

Impact

When an invariant check fails on a Cosmos SDK network and a transaction is sent to the x/crisis module to halt the chain, the chain continues to operate instead of halting as intended. A network can therefore keep producing blocks on top of state that its own sanity checks have already flagged as inconsistent, which may lead to undefined behavior or further security risks before validators notice and intervene (GitHub Advisory).

Mitigation and workarounds

No patches will be released for this vulnerability, as the Cosmos SDK team is working on new modules that will let chain developers fine-tune which invariants are enforced and what action a violation triggers. Operators should therefore not rely on MsgVerifyInvariant as an emergency halt. Where a valid invariant check failure requires a chain halt, validators are advised to coordinate the halt off-chain, following the established process for coordinated security upgrades. Chains that want an automatic halt on a broken invariant can run their nodes with '--inv-check-period X', accepting the cost of the periodic checks. The x/crisis module will eventually be deprecated once the new modules take over its responsibilities (GitHub Advisory).

Community reactions

The Cosmos SDK team has acknowledged that, as chains mature and the cost of halting grows, chain developers should decide deliberately which invariants warrant a chain halt and which are merely useful sanity checks. This reflects a shift in how the safety versus liveness trade-off is weighed for production chains (GitHub Advisory).

Source: GitHub Advisory (GHSA-qfc5-6r3j-jj22). This report was generated using AI.