CVE-2024-38533 – ZKsync Era's compiler has a memory corruption v... (How to Fix)

Q: What is the severity of CVE-2024-38533?

CVE-2024-38533 has a CVSS score of 6.5 (MEDIUM). ZKsync Era's compiler has a memory corruption vulnerability where invalid stack access can occur due to improper address-to-cell conversion. This could allow attackers to potentially crash the system or execute arbitrary code. Anyone using ZKsync Era versions before 1.5.0 is affected.

📋 TL;DR

ZKsync Era's compiler has a memory corruption vulnerability where invalid stack access can occur due to improper address-to-cell conversion. This could allow attackers to potentially crash the system or execute arbitrary code. Anyone using ZKsync Era versions before 1.5.0 is affected.

💻 Affected Systems

Products:

ZKsync Era
era-compiler-vyper

Versions: All versions before 1.5.0

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the ZKsync Era layer 2 rollup infrastructure and smart contracts compiled with vulnerable versions

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:

Review the CVE details at NVD
Check vendor security advisories for your specific version
Test if the vulnerability is exploitable in your environment
Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, theft of funds, or network disruption

🟠

Likely Case

Denial of service through application crashes or instability

🟢

If Mitigated

No impact if patched to version 1.5.0 or later

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Requires understanding of ZKsync Era's architecture and stack manipulation

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.5.0

Vendor Advisory: https://github.com/matter-labs/era-compiler-vyper/security/advisories/GHSA-q7pg-6jh9-87gv

Restart Required: Yes

Instructions:

1. Update ZKsync Era to version 1.5.0 or later. 2. Redeploy any smart contracts compiled with vulnerable versions. 3. Restart affected services.

🔧 Temporary Workarounds

Temporary isolation

all

Isolate vulnerable systems from untrusted networks

🧯 If You Can't Patch

Implement strict network segmentation to limit attack surface
Monitor for abnormal behavior and crashes in ZKsync Era components

🔍 How to Verify

Check if Vulnerable:

Check ZKsync Era version and verify if it's below 1.5.0

Check Version:

Check ZKsync Era documentation or deployment configuration for version information

Verify Fix Applied:

Confirm version is 1.5.0 or higher and test smart contract functionality

📡 Detection & Monitoring

Log Indicators:

Unexpected crashes
Memory access violation errors
Stack trace anomalies

Network Indicators:

Abnormal transaction patterns
Failed contract executions

SIEM Query:

Search for 'ZKsync Era crash' or 'memory access violation' in application logs

📊 Metadata

CVE ID: CVE-2024-38533

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE: CWE-787

Published: June 28, 2024

Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-38533, you might also want to check these: