Zero-Day Advisory

Fortinet Discovers EOS WASMSDK Buffer Overflow Vulnerability

Summary

Fortinet's FortiGuard Labs has discovered a Buffer Overflow vulnerability in EOS Blockchain WASMSDK.
EOS.IO is a blockchain protocol powered by the native cryptocurrency EOS. The protocol emulates most of the attributes of a real computer, including hardware (CPU(s) and GPU(s) for processing, local/RAM memory, and hard-disk storage), with the computing resources distributed equally among EOS cryptocurrency holders. EOSIO operates as a smart contract platform and decentralized operating system intended for the deployment of industrial-scale decentralized applications through a decentralized autonomous corporation model. The smart contract platform claims to eliminate transaction fees and to process millions of transactions per second.
A Buffer Overflow vulnerability has been discovered in EOS Blockchain WASMSDK. The vulnerability is triggered by a crafted wasm file that causes an out-of-bounds memory access. It could allow malicious users to achieve code execution.

Solutions

FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:

EOS.WASMSDK.Library.Buffer.Overflow
Released Mar 13, 2019

Users should apply the solution provided by EOS Blockchain.

Timeline

Fortinet reported the vulnerability to EOS on August 06, 2018.

EOS confirmed the vulnerability on August 07, 2018.

EOS patched the vulnerability on August 16, 2018.

Acknowledgement

This vulnerability was discovered by Kushal Arvind Shah of Fortinet's FortiGuard Labs.

IPS Subscription

Fortinet customers who subscribe to Fortinet's intrusion prevention (IPS) service should be protected against this vulnerability with the appropriate configuration parameters in place. Fortinet's IPS service is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering, and antispam capabilities. These services enable protection against threats on both the application and network layers. FortiGuard Services are continuously updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail, and FortiClient products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat's lifecycle.