Beosin Discovers Move VM Severity Level Vulnerability

Recently, Beosin, a blockchain security company, discovered the severity level vulnerability of Move VM. The Beosin security research team discovered a stack overflow vulnerability in the Move virtual machine that does not limit the depth of recursive calls. This vulnerability can cause the entire network to crash (total network shutdown) and prevent new validator nodes from joining the network. It may even lead to a hard fork. Versions earlier than Sui mainnetv1.2.1 and Aptos mainnetv1.4.3 are affected by this vulnerability. At present, this vulnerability has been officially fixed. Suimainnetv1.2.1, Aptosmainnetv1.4.3, Move-language versions after June 10, 2023 fix this vulnerability.