ENS DNSSEC Oracle Vulnerable to RSA Signature Forgery via Missing PKCS#1 v1.5 Padding Validation
Description
Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum blockchain. In versions 1.6.2 and prior, the RSASHA256Algorithm and RSASHA1Algorithm contracts fail to validate PKCS#1 v1.5 padding structure when verifying RSA signatures. The contracts only check if the last 32 (or 20) bytes of the decrypted signature match the expected hash. This enables Bleichenbacher's 2006 signature forgery attack against DNS zones using RSA keys with low public exponents (e=3). Two ENS-supported TLDs (.cc and .name) use e=3 for their Key Signing Keys, allowing any domain under these TLDs to be fraudulently claimed on ENS without DNS ownership. Apatch was merged at commit c76c5ad0dc9de1c966443bd946fafc6351f87587. Possible workarounds include deploying the patched contracts and pointing DNSSECImpl.setAlgorithm to the deployed contract.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
@ensdomains/ens-contractsnpm | <= 1.6.2 | — |
Affected products
2- Range: <= 1.6.2
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-c6rr-7pmc-73wcghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2026-22866ghsaADVISORY
- github.com/ensdomains/ens-contracts/commit/c76c5ad0dc9de1c966443bd946fafc6351f87587ghsax_refsource_MISCWEB
- github.com/ensdomains/ens-contracts/security/advisories/GHSA-c6rr-7pmc-73wcghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.