漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
`openvm-pairing` pairing check missing proper subfield check on scaling factor
Vulnerability Description
OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a proper subfield of Fp12. This allows incorrect results to the pairing check. This issue has been patched in version 1.6.0.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
OpenVM 输入验证错误漏洞
Vulnerability Description
OpenVM是OpenVM开源的一个为定制和可扩展性而构建的高性能和模块化zkVM框架。 OpenVM 1.6.0之前版本存在输入验证错误漏洞,该漏洞源于openvm-pairing库的try_honest_pairing_check函数未检查缩放因子s是否在Fp12的适当子域中,可能导致配对检查结果不正确。
CVSS Information
N/A
Vulnerability Type
N/A