Polkadot Frontier contains silent failure in Curve25519 arithmetic precompiles with...

9.9 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N

Description

Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. In versions prior to commit 36f70d1, the Curve25519Add and Curve25519ScalarMul precompiles incorrectly handle invalid Ristretto point representations. Instead of returning an error, they silently treat invalid input bytes as the Ristretto identity element, leading to potentially incorrect cryptographic results. This is fixed in commit 36f70d1.

Basic Information

ID CVE-2025-54426

Source GitHub_M

Published Jul 28, 2025 at 20:08

Modified Jul 28, 2025 at 20:26

Affected Product

Vendor polkadot-evm

Product frontier

Version < 36f70d1

Affected Versions polkadot-evm frontier < 36f70d1

CWE Classification

CWE-327

References

{
    "lastseen": "",
    "description": "Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. In versions prior to commit 36f70d1, the Curve25519Add and Curve25519ScalarMul precompiles incorrectly handle invalid Ristretto point representations. Instead of returning an error, they silently treat invalid input bytes as the Ristretto identity element, leading to potentially incorrect cryptographic results. This is fixed in commit 36f70d1.",
    "published": "2025-07-28T20:08:22.886Z",
    "modified": "2025-07-28T20:26:18.866Z",
    "type": "cve",
    "title": "Polkadot Frontier contains silent failure in Curve25519 arithmetic precompiles with malformed points",
    "source": "GitHub_M",
    "references": "https://github.com/polkadot-evm/frontier/security/advisories/GHSA-v4q3-23rh-w5mw\nhttps://github.com/polkadot-evm/frontier/pull/1720/commits/8ed6053fb868495477ba2409f7e64f439df76f96\nhttps://github.com/polkadot-evm/frontier/commit/36f70d1defcaeaed5a453015f6c98c21bb5b121b\nhttps://dotpal.io/assets/files/frontier-srlabs-2505-718c3bfa5df9fed1862fed05de506859.pdf",
    "id": "CVE-2025-54426",
    "bulletinFamily": "",
    "cwe": [
        "CWE-327"
    ],
    "cvelist": null,
    "sourceData": "polkadot-evm frontier < 36f70d1",
    "sourceHref": "",
    "cvss": {
        "score": 9.9,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "frontier",
    "version": "< 36f70d1",
    "vendor": "polkadot-evm",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Polkadot Frontier contains silent failure in Curve25519 arithmetic precompiles with malformed points_CVE-2025-54426