Listen to this Post
How the mentioned CVE works:
The flaw stems from insufficient error handling when an invalid sighash type appears during transparent transaction verification. Zebra uses a Rust-to-C++ FFI to call Bitcoin Script verification code. A previous fix (GHSA-8m29-fpq5-89jj) added a Rust-side check for V5 hash types, returning `None` for undefined values. However, the FFI bridge only writes to the C++ sighash buffer when the callback returns Some, but the C++ checker reads the buffer unconditionally. Thus a `None` return does not clear or invalidate the buffer; it simply skips writing. If a prior valid `OP_CHECKSIGVERIFY` left a correct sighash digest in that buffer, an attacker can follow it with an `OP_CHECKSIG` that uses an undefined hash type. Zebra’s Rust side returns None, but the C++ side verifies the new (invalid) signature against the stale, valid digest. This causes Zebra to accept the spend while zcashd rejects it, creating a consensus split. The attack requires crafting a transparent output whose script runs a valid `OP_CHECKSIGVERIFY` immediately before an `OP_CHECKSIG` with an undefined hash type. No error is propagated, so the stale buffer is reused. This enables network partitioning, double-spend attacks, and service disruption against affected Zebra nodes (version 4.3.1). The fix in 4.4.0 fills the buffer with random bytes on validation failure, making signature verification fail with overwhelming probability until a proper error propagation is released.
dailycve form:
Platform: Zebra node
Version: 4.3.1
Vulnerability: Consensus split
Severity: Critical
date: 2026-05-08
Prediction: Patch in 4.4.0
What Undercode Say:
Analytics:
Check Zebra version zebrad --version Verify if vulnerable (4.3.1 only) grep 'version = "4.3.1"' Cargo.lock Upgrade to patched version cargo install --git https://github.com/ZcashFoundation/zebra --tag v4.4.0 Monitor for consensus split logs grep "sighash.invalid" zebra.log Simulate stale buffer check (conceptual) echo -e "OP_CHECKSIGVERIFY\nOP_CHECKSIG undefined" | xxd
Exploit:
Attacker crafts a transparent transaction with a script that first executes OP_CHECKSIGVERIFY (priming buffer), then OP_CHECKSIG with an invalid hash type. Zebra accepts the invalid signature due to stale digest; zcashd rejects it. Broadcast this transaction to split the network.
Protection from this CVE:
Upgrade immediately to Zebra 4.4.0 or later. No workarounds exist. After upgrade, the random buffer fill forces invalid signatures to fail deterministically.
Impact:
Consensus failure, network partition, double-spend risk, service disruption for all Zebra 4.3.1 nodes. Miners relying on Zebra validation risk producing orphaned blocks.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode
