Описание
Babylon vulnerable to chain half when transaction has fees different than ubbn
Summary
Sending transactions with fees different than native Babylon genesis denom (ubbn) leads to chain halt.
Impact
Denial of Service - Due to panic in the x/distribution module BeginBlocker triggered by a error when sending fees from feeCollector to x/distribution module - https://github.com/cosmos/cosmos-sdk/blob/main/x/distribution/keeper/allocation.go#L28 Babylon Genesis will halt
Пакеты
Наименование
github.com/babylonlabs-io/babylon/v2
go
Затронутые версииВерсия исправления
< 2.2.0
2.2.0
Наименование
github.com/babylonlabs-io/babylon
go
Затронутые версииВерсия исправления
<= 1.1.0
Отсутствует
8.7 High
CVSS4
Дефекты
CWE-755
8.7 High
CVSS4
Дефекты
CWE-755