CVE-2025-70955
📋 TL;DR
A stack overflow vulnerability in TON Virtual Machine (TVM) allows attackers to craft smart contracts with deeply nested jump logic that exhausts stack space, causing validator nodes to crash. This creates a Denial of Service (DoS) condition for the TON blockchain network. All TON blockchain validator nodes running vulnerable TVM versions are affected.
💻 Affected Systems
- TON Virtual Machine (TVM)
- TON blockchain validator nodes
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Massive coordinated attack crashes multiple validator nodes simultaneously, causing network-wide disruption and transaction processing failure across the TON blockchain.
Likely Case
Targeted attacks against specific validator nodes cause localized DoS, disrupting transaction validation and potentially affecting network consensus.
If Mitigated
With patched TVM, smart contracts with malicious jump logic are properly handled without stack exhaustion.
🎯 Exploit Status
Exploitation requires crafting malicious smart contracts but does not require authentication to submit to the blockchain.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v2024.10 and later
Vendor Advisory: https://github.com/ton-blockchain/ton/releases/tag/v2024.10
Restart Required: Yes
Instructions:
1. Update TON software to v2024.10 or later.
2. Restart validator nodes.
3. Verify the fix by checking version and monitoring for crashes.
🔧 Temporary Workarounds
Gas limit adjustments
Increase gas limits to potentially prevent exploitation within normal transaction bounds
🧯 If You Can't Patch
- Monitor validator nodes for abnormal crash patterns and stack exhaustion errors
- Implement rate limiting on smart contract submissions to reduce attack surface
🔍 How to Verify
Check if Vulnerable:
Check TVM version: if running any version before v2024.10, system is vulnerable.
Check Version:
Check TON software version through node configuration or logs
Verify Fix Applied:
Verify TVM version is v2024.10 or later and monitor for stack overflow crashes.
📡 Detection & Monitoring
Log Indicators:
- Stack overflow errors in validator logs
- Abnormal process termination of TVM
- Repeated smart contract execution failures
Network Indicators:
- Sudden validator node disconnections
- Increased transaction processing latency
SIEM Query:
search 'stack overflow' OR 'TVM crash' OR 'validator terminated' in system logs
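The crash-pattern monitoring suggested under "If You Can't Patch" and the SIEM query above can be combined into a per-node burst detector, so a single matching line does not page anyone but repeated crashes do. This is an added example, not code from the advisory or the TON project. The log line layout, host names, threshold, window and the systemd `status=11/SEGV` pattern are assumptions; the three search phrases are the ones from the SIEM query.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Phrases from the page's SIEM query, plus systemd's exit message for SIGSEGV,
# which is how native stack exhaustion usually surfaces (assumption).
CRASH_RE = re.compile(
    r"stack overflow|TVM crash|validator terminated|status=11/SEGV", re.I)
# Assumed line layout: "<ISO-8601 timestamp> <host> <message>".
LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(.*)$")

# Constructed sample log, not real validator output.
SAMPLE_LOG = """\
2025-01-01T10:00:05 node-a validator terminated unexpectedly
2025-01-01T10:01:10 node-b block applied
2025-01-01T10:02:40 node-a systemd: Main process exited, code=killed, status=11/SEGV
2025-01-01T10:04:00 node-a stack overflow while running contract
2025-01-01T10:05:30 node-a TVM crash, restarting
2025-01-01T11:30:00 node-b validator terminated by operator
2025-01-01T12:00:00 node-a stack overflow while running contract
"""


def crash_bursts(lines, threshold=3, window=timedelta(minutes=10)):
    """Return (host, first, last, count) for each burst of >= threshold
    crash indicators from one host inside a sliding window. Input must be
    in chronological order."""
    recent = defaultdict(deque)  # host -> indicator times inside the window
    open_, closed = {}, []       # bursts in progress / finished bursts
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or not CRASH_RE.search(m.group(3)):
            continue
        try:
            ts = datetime.fromisoformat(m.group(1))
        except ValueError:
            continue             # unparseable timestamp: skip the line
        host, q = m.group(2), recent[m.group(2)]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            first, _, n = open_.get(host, (q[0], ts, threshold - 1))
            open_[host] = (first, ts, n + 1)
        elif host in open_:
            closed.append((host, *open_.pop(host)))
    closed.extend((h, *v) for h, v in open_.items())
    return sorted(closed, key=lambda b: b[1])
```

On the constructed sample, `crash_bursts(SAMPLE_LOG.splitlines())` reports one burst of four indicators on `node-a`, while the isolated matches on `node-b` and the later single `node-a` line stay below the threshold.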
🔗 References
- https://gist.github.com/Lucian-code233/25b0a13be569db9160340d9ecd2fdf0d
- https://github.com/ton-blockchain/ton/commit/b5734d2e30b9c93cfdacb4ea37c9ebdf11ca5d49#diff-17eca9db515992a081522236bf9bad767fac171044f7c00c20bf740f4206b3de
- https://github.com/ton-blockchain/ton/releases/tag/v2024.10#:~:text=krigga%20%28emulator%29%2C-%2CArayz%2C-%40%20TonBit%20%28LS%20security
- https://mp.weixin.qq.com/s/wy2ea6udkNZzIsp1K2LEOQ