{"id":"GO-2024-3112","summary":"CometBFT's state syncing validator from malicious node may lead to a chain split in github.com/cometbft/cometbft","details":"CometBFT's state syncing validator from malicious node may lead to a chain split in github.com/cometbft/cometbft","aliases":["GHSA-g5xx-c4hv-9ccc"],"modified":"2026-03-17T04:49:19.143709Z","published":"2024-09-13T21:55:06Z","database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2024-3112"},"references":[{"type":"ADVISORY","url":"https://github.com/cometbft/cometbft/security/advisories/GHSA-g5xx-c4hv-9ccc"},{"type":"FIX","url":"https://github.com/cometbft/cometbft/commit/3937e00a339ee6b861d75997b4f6c87d867b74f2"},{"type":"FIX","url":"https://github.com/cometbft/cometbft/commit/52c00a537f8f56ed94b4a5c8af6e3fecff468b55"}],"affected":[{"package":{"name":"github.com/cometbft/cometbft","ecosystem":"Go","purl":"pkg:golang/github.com/cometbft/cometbft"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.37.0"},{"fixed":"0.37.11"},{"introduced":"0.38.0"},{"fixed":"0.38.12"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/cometbft/cometbft/light","symbols":["Client.TrustedLightBlock","Client.Update","Client.VerifyHeader","Client.VerifyLightBlockAtHeight","Client.compareFirstHeaderWithWitnesses","Client.compareNewHeaderWithWitness","Client.detectDivergence","Client.findNewPrimary","Client.initializeWithTrustOptions","ErrInvalidHeader.Error","ErrNewValSetCantBeTrusted.Error","ErrOldHeaderExpired.Error","ErrVerificationFailed.Error","NewClient","NewClientFromTrustedStore","NewHTTPClient","NewHTTPClientFromTrustedStore","TrustOptions.ValidateBasic","ValidateTrustLevel","Verify","VerifyAdjacent","VerifyBackwards","VerifyNonAdjacent","errBadWitness.Error","errConflictingHeaders.Error"]},{"path":"github.com/cometbft/cometbft/types","symbols":["ABCIParams.VoteExtensionsEnabled","Block.Hash","Block.HashesTo","Block.MakePartSet","Block.Size","Block.String","Block.StringIndented","Block.StringShort","
Block.ToProto","Block.ValidateBasic","BlockFromProto","BlockID.Key","BlockID.String","BlockID.ValidateBasic","BlockIDFromProto","BlockMeta.ValidateBasic","BlockMetaFromProto","BlockMetaFromTrustedProto","CanonicalTime","CanonicalizeBlockID","CanonicalizeProposal","CanonicalizeVote","Commit.GetVote","Commit.Hash","Commit.StringIndented","Commit.ToVoteSet","Commit.ValidateBasic","Commit.VoteSignBytes","CommitFromProto","CommitSig.BlockID","CommitSig.FromProto","CommitSig.String","CommitSig.ValidateBasic","ConsensusParams.ValidateBasic","ConsensusParams.ValidateUpdate","Data.StringIndented","DuplicateVoteEvidence.Bytes","DuplicateVoteEvidence.Hash","DuplicateVoteEvidence.String","DuplicateVoteEvidence.ValidateBasic","DuplicateVoteEvidenceFromProto","ErrEvidenceOverflow.Error","ErrInvalidCommitHeight.Error","ErrInvalidCommitSignatures.Error","ErrInvalidEvidence.Error","ErrNotEnoughVotingPowerSigned.Error","ErrVoteConflictingVotes.Error","ErrVoteExtensionInvalid.Error","EventBus.OnStart","EventBus.OnStop","EventBus.PublishEventNewBlock","EventBus.PublishEventNewBlockEvents","EventBus.PublishEventTx","EventQueryTxFor","EvidenceData.ByteSize","EvidenceData.FromProto","EvidenceData.Hash","EvidenceData.StringIndented","EvidenceData.ToProto","EvidenceFromProto","EvidenceList.Has","EvidenceList.Hash","EvidenceList.String","EvidenceToProto","ExtendedCommit.EnsureExtensions","ExtendedCommit.GetByIndex","ExtendedCommit.GetExtendedVote","ExtendedCommit.ToExtendedVoteSet","ExtendedCommit.ValidateBasic","ExtendedCommitFromProto","ExtendedCommitSig.EnsureExtension","ExtendedCommitSig.FromProto","ExtendedCommitSig.String","ExtendedCommitSig.ValidateBasic","GenesisDoc.SaveAs","GenesisDoc.ValidateAndComplete","GenesisDoc.ValidatorHash","GenesisDocFromFile","GenesisDocFromJSON","Header.Hash","Header.StringIndented","Header.ValidateBasic","HeaderFromProto","LightBlock.String","LightBlock.StringIndented","LightBlock.ToProto","LightBlock.ValidateBasic","LightBlockFromProto","LightClientAtta
ckEvidence.Bytes","LightClientAttackEvidence.Hash","LightClientAttackEvidence.String","LightClientAttackEvidence.ToProto","LightClientAttackEvidence.ValidateBasic","LightClientAttackEvidenceFromProto","MakeBlock","MakeExtCommit","MakeVote","MakeVoteNoError","MaxDataBytes","MaxDataBytesNoEvidence","MockPV.SignProposal","MockPV.SignVote","MockPV.String","NewBlockMeta","NewDuplicateVoteEvidence","NewErroringMockPV","NewMockDuplicateVoteEvidence","NewMockDuplicateVoteEvidenceWithValidator","NewMockPV","NewValidatorSet","Part.String","Part.StringIndented","Part.ValidateBasic","PartFromProto","PartSet.AddPart","PartSet.MarshalJSON","PartSet.StringShort","PartSetHeader.String","PartSetHeader.ValidateBasic","PartSetHeaderFromProto","Proposal.String","Proposal.ValidateBasic","ProposalFromProto","ProposalSignBytes","QueryForEvent","RandValidator","RandValidatorSet","SignAndCheckVote","SignedHeader.String","SignedHeader.StringIndented","SignedHeader.ValidateBasic","SignedHeaderFromProto","Tx.String","TxProof.Validate","TxProofFromProto","Txs.Validate","ValidateHash","Validator.Bytes","Validator.String","Validator.ToProto","Validator.ValidateBasic","ValidatorFromProto","ValidatorListString","ValidatorSet.CopyIncrementProposerPriority","ValidatorSet.GetProposer","ValidatorSet.Hash","ValidatorSet.IncrementProposerPriority","ValidatorSet.Iterate","ValidatorSet.String","ValidatorSet.StringIndented","ValidatorSet.ToProto","ValidatorSet.TotalVotingPower","ValidatorSet.UpdateWithChangeSet","ValidatorSet.ValidateBasic","ValidatorSet.VerifyCommit","ValidatorSet.VerifyCommitLight","ValidatorSet.VerifyCommitLightAllSignatures","ValidatorSet.VerifyCommitLightTrusting","ValidatorSet.VerifyCommitLightTrustingAllSignatures","ValidatorSet.findProposer","ValidatorSetFromExistingValidators","ValidatorSetFromProto","VerifyCommit","VerifyCommitLight","VerifyCommitLightAllSignatures","VerifyCommitLightTrusting","VerifyCommitLightTrustingAllSignatures","Vote.CommitSig","Vote.ExtendedCommitSig","Vote
.String","Vote.ValidateBasic","Vote.Verify","Vote.VerifyExtension","Vote.VerifyVoteAndExtension","VoteExtensionSignBytes","VoteFromProto","VoteSet.AddVote","VoteSet.BitArrayByBlockID","VoteSet.BitArrayString","VoteSet.HasAll","VoteSet.HasTwoThirdsAny","VoteSet.LogString","VoteSet.MakeExtendedCommit","VoteSet.MarshalJSON","VoteSet.SetPeerMaj23","VoteSet.String","VoteSet.StringIndented","VoteSet.StringShort","VoteSet.VoteStrings","VoteSignBytes"]}],"custom_ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0.34.0"},{"fixed":"0.34.34"}]}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2024-3112.json"}}],"schema_version":"1.7.5"}