Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core after 2017-11-15.
References
Link | Resource |
---|---|
https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145 | Vendor Advisory |
https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md | Release Notes Third Party Advisory |
https://invdos.net | Third Party Advisory |
https://invdos.net/paper/CVE-2018-17145.pdf | Exploit Technical Description Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2020-09-10 17:15
Updated : 2024-02-28 17:47
NVD link : CVE-2018-17145
Mitre link : CVE-2018-17145
CVE.ORG link : CVE-2018-17145
JSON object : View
Products Affected
bitcoin
- bitcoin_core
btcd_project
- btcd
bcoin
- bcoin
litecoin
- litecoin
bitcoinknots
- bitcoin_knots
namecoin
- namecoin_core
decred
- dcrd
CWE
CWE-400
Uncontrolled Resource Consumption