CVE-2025-70956
📋 TL;DR
A state pollution vulnerability in TON Virtual Machine (TVM) allows denial of service when Out-of-Gas exceptions occur during child VM initialization. This affects smart contracts running on TON blockchain using vulnerable TVM versions. Contract developers and node operators are impacted.
💻 Affected Systems
- TON Virtual Machine (TVM)
- TON blockchain nodes
- TON smart contracts
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Smart contracts become permanently unusable due to corrupted VM state, leading to loss of funds or functionality in decentralized applications.
Likely Case
Contract execution failures and denial of service for specific operations when gas limits are reached during child VM creation.
If Mitigated
Minor performance degradation or failed transactions that can be retried with proper gas management.
🎯 Exploit Status
Requires triggering Out-of-Gas exception at precise moment during child VM initialization. No public exploits known.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v2025.04
Vendor Advisory: https://github.com/ton-blockchain/ton/releases/tag/v2025.04
Restart Required: No
Instructions:
1. Update TON software to v2025.04 or later. 2. For node operators: upgrade node software. 3. For contract developers: recompile contracts with updated TVM. 4. Verify the commit 1835d84602bbaaa1593270d7ab3bb0b499920416 is included.
🔧 Temporary Workarounds
Gas Limit Management
allIncrease gas limits for RUNVM operations to reduce likelihood of Out-of-Gas exceptions during critical state transitions.
Contract Logic Modification
allAvoid using RUNVM instruction with gas isolation in vulnerable contracts where possible.
🧯 If You Can't Patch
- Monitor for failed transactions involving RUNVM operations and investigate patterns
- Implement circuit breakers in contracts to pause operations if state corruption is detected
🔍 How to Verify
Check if Vulnerable:
Check TVM version in use. If using TON software older than v2025.04, you are vulnerable if using RUNVM instruction.Check Version:
Check TON node version with: ./ton-node --version or examine package manager versionVerify Fix Applied:
Verify TVM version is v2025.04 or later. Check that commit 1835d84602bbaaa1593270d7ab3bb0b499920416 is present in your build.📡 Detection & Monitoring
Log Indicators:
- Unexpected Out-of-Gas exceptions during RUNVM operations
- State corruption errors in VM logs
- Failed child VM initialization with resource errors
Network Indicators:
- Increased transaction failures for contracts using RUNVM
- Abnormal gas consumption patterns
SIEM Query:
Search for 'RUNVM' AND ('OOG' OR 'Out of Gas' OR 'state corruption') in transaction logs🔗 References
- https://gist.github.com/Lucian-code233/beab9d14683ed2bdf5543be430b91c70
- https://github.com/ton-blockchain/ton/commit/1835d84602bbaaa1593270d7ab3bb0b499920416
- https://github.com/ton-blockchain/ton/releases/tag/v2025.04#:~:text=Arayz%2C%20Robinlzw%2C%20%40wy666444%20%40Lucian-code233
- https://mp.weixin.qq.com/s/ZD35baKUikefFdtNHZIC9g
