CVE-2018-17145

Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core after 2017-11-15.
References
Link Resource
https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145 Vendor Advisory
https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md Release Notes Third Party Advisory
https://invdos.net Third Party Advisory
https://invdos.net/paper/CVE-2018-17145.pdf Exploit Technical Description Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:bcoin:bcoin:*:*:*:*:*:*:*:*
cpe:2.3:a:bitcoin:bitcoin_core:*:*:*:*:*:*:*:*
cpe:2.3:a:bitcoinknots:bitcoin_knots:*:*:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.3.0:alpha:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.3.1:alpha:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.3.2:alpha:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.3.3:alpha:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.4.0:alpha:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.5.0:alpha:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.6.0:alpha:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.7.0:alpha:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.8.0:beta:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.9.0:beta:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.10.0:beta:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.11.0:beta:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.11.1:beta:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.12.0:beta:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.13.0:beta:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.13.0:beta2:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.20.0:beta:*:*:*:*:*:*
cpe:2.3:a:btcd_project:btcd:0.20.1:beta:*:*:*:*:*:*
cpe:2.3:a:decred:dcrd:*:*:*:*:*:*:*:*
cpe:2.3:a:litecoin:litecoin:*:*:*:*:*:*:*:*
cpe:2.3:a:namecoin:namecoin_core:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-09-10 17:15

Updated : 2024-02-28 17:47


NVD link : CVE-2018-17145

Mitre link : CVE-2018-17145

CVE.ORG link : CVE-2018-17145


JSON object : View

Products Affected

bitcoin

  • bitcoin_core

btcd_project

  • btcd

bcoin

  • bcoin

litecoin

  • litecoin

bitcoinknots

  • bitcoin_knots

namecoin

  • namecoin_core

decred

  • dcrd
CWE
CWE-400

Uncontrolled Resource Consumption