schmidty on Nostr: Gloria Zhao, Niklas Gögge, and b10c discuss 3 recently announced Bitcoin Core ...
Gloria Zhao, Niklas Gögge, and b10c discuss 3 recently announced Bitcoin Core vulnerabilities:

- DoS vulnerability in headers sync
- DoS vulnerability in inventory send queue
- Crash vulnerability in compact block relay

High severity:
An attacker could provide a peer with a chain of low-difficulty headers, which could be used to remotely crash the node.

Medium severity:
Increased network activity affected block and transaction propagation and dropped connections.

High severity:
An attacker could remotely crash Bitcoin Core nodes by triggering an assertion in the blocktxn message handling logic.

https://brink.dev/podcast/6-bitcoin-core-pre-25-disclosures/

Published at 2024-10-10 20:42:17

Event JSON
{
"id": "29a93526c88cb748b88669c464926bd06b5ecb0e884b16c00998fb59b9590607",
"pubkey": "1439abd42981165eacccd046bd565aad19f2314a93ad9bd09ad83e3342bec99f",
"created_at": 1728592937,
"kind": 1,
"tags": [
[
"r",
"https://brink.dev/podcast/6-bitcoin-core-pre-25-disclosures/"
]
],
"content": "Gloria Zhao, Niklas Gögge, and b10c discuss 3 recently announced Bitcoin Core vulnerabilities:\n\n- DoS vulnerability in headers sync\n- DoS vulnerability in inventory send queue\n- Crash vulnerability in compact block relay\n\nHigh severity:\nAn attacker could provide a peer with a chain of low-difficulty headers, which could be used to remotely crash the node.\n\nMedium severity:\nIncreased network activity affected block and transaction propagation and dropped connections.\n\nHigh severity:\nAn attacker could remotely crash Bitcoin Core nodes by triggering an assertion in the blocktxn message handling logic.\n\nhttps://brink.dev/podcast/6-bitcoin-core-pre-25-disclosures/",
"sig": "4cc107f75edaad0bf1fd63d1f50081533b21e3f21af0798dc9889ad2a46d46431086c043c65e4b697c775d66237bb5e6681abc95b650ad5b1281ffeb185ada4d"
}