Bitcoin developers disclose vulnerabilities in Bitcoin Core v25.0, urging node operators to update their software

2024-10-13 10:41:10

Collection

ChainCatcher news, according to Protos, Bitcoin developers recently disclosed details of a high-risk software vulnerability named CVE-2024-35202. According to senior core developers, over 13% of home and commercial computers executing Bitcoin rules globally are affected by a remote shutdown vulnerability.

The vulnerability affects nodes running versions of Bitcoin Core prior to 25.0, allowing attackers to crash nodes by manipulating block transaction messages. The vulnerability originates from Core's compact block protocol, which uses shortened transaction identifiers to reduce internet bandwidth usage. Attackers can trigger conflicts in these identifiers, causing nodes to request complete blocks. While requesting complete, untruncated blocks is a security precaution, versions of the software prior to 25.0 have flaws in the logic for handling subsequent blocktxn messages.

In short, nodes can be forced into an invalid state by manipulating logic gates, leading to a complete crash. Although there is no economic incentive for ordinary attackers, developers strongly recommend that node operators update to the latest version. The credit for discovering and disclosing this vulnerability goes to Niklas Gögge, and Bitcoin Core 25.0 has resolved this issue.

(Source Link)

Related tags

Bitcoin developers Bitcoin Core nodes

ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.