CVE-2023-33297

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-33297
Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (e.g., CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures Not Applicable
https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-24.1.md Release Notes
https://github.com/bitcoin/bitcoin/issues/27586 Issue Tracking
https://github.com/bitcoin/bitcoin/issues/27623 Issue Tracking
https://github.com/bitcoin/bitcoin/pull/27610 Issue Tracking Patch
https://github.com/dogecoin/dogecoin/issues/3243#issuecomment-1712575544
https://github.com/visualbasic6/drain
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2EI7SAP4QP2AJYK2JVEOO4GJ6DOBSM5/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3CQY277NWXY3RFCZCJ4VKT2P3ROACEJ/
https://x.com/123456/status/1711601593399828530
https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures Not Applicable
https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-24.1.md Release Notes
https://github.com/bitcoin/bitcoin/issues/27586 Issue Tracking
https://github.com/bitcoin/bitcoin/issues/27623 Issue Tracking
https://github.com/bitcoin/bitcoin/pull/27610 Issue Tracking Patch
https://github.com/dogecoin/dogecoin/issues/3243#issuecomment-1712575544
https://github.com/visualbasic6/drain
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2EI7SAP4QP2AJYK2JVEOO4GJ6DOBSM5/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3CQY277NWXY3RFCZCJ4VKT2P3ROACEJ/
https://x.com/123456/status/1711601593399828530
Configurations

Configuration 1 (hide)

cpe:2.3:a:bitcoin:bitcoin_core:*:*:*:*:*:*:*:*
History

21 Nov 2024, 08:05

Type Values Removed Values Added
References () https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures - Not Applicable () https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures - Not Applicable
References () https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-24.1.md - Release Notes () https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-24.1.md - Release Notes
References () https://github.com/bitcoin/bitcoin/issues/27586 - Issue Tracking () https://github.com/bitcoin/bitcoin/issues/27586 - Issue Tracking
References () https://github.com/bitcoin/bitcoin/issues/27623 - Issue Tracking () https://github.com/bitcoin/bitcoin/issues/27623 - Issue Tracking
References () https://github.com/bitcoin/bitcoin/pull/27610 - Issue Tracking, Patch () https://github.com/bitcoin/bitcoin/pull/27610 - Issue Tracking, Patch
References () https://github.com/dogecoin/dogecoin/issues/3243#issuecomment-1712575544 - () https://github.com/dogecoin/dogecoin/issues/3243#issuecomment-1712575544 -
References () https://github.com/visualbasic6/drain - () https://github.com/visualbasic6/drain -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2EI7SAP4QP2AJYK2JVEOO4GJ6DOBSM5/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2EI7SAP4QP2AJYK2JVEOO4GJ6DOBSM5/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3CQY277NWXY3RFCZCJ4VKT2P3ROACEJ/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3CQY277NWXY3RFCZCJ4VKT2P3ROACEJ/ -
References () https://x.com/123456/status/1711601593399828530 - () https://x.com/123456/status/1711601593399828530 -

07 Nov 2023, 04:14

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H3CQY277NWXY3RFCZCJ4VKT2P3ROACEJ/', 'name': 'FEDORA-2023-3317c9b824', 'tags': [], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2EI7SAP4QP2AJYK2JVEOO4GJ6DOBSM5/', 'name': 'FEDORA-2023-1bae6b7751', 'tags': [], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3CQY277NWXY3RFCZCJ4VKT2P3ROACEJ/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2EI7SAP4QP2AJYK2JVEOO4GJ6DOBSM5/ -

12 Oct 2023, 16:15

Type Values Removed Values Added
References
  • (MISC) https://github.com/dogecoin/dogecoin/issues/3243#issuecomment-1712575544 -
  • (MISC) https://x.com/123456/status/1711601593399828530 -
  • (MISC) https://github.com/visualbasic6/drain -
Summary Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023. Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (e.g., CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023.

01 Jun 2023, 06:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H3CQY277NWXY3RFCZCJ4VKT2P3ROACEJ/ -

31 May 2023, 19:15

Type Values Removed Values Added
CPE cpe:2.3:a:bitcoin:bitcoin_core:*:*:*:*:*:*:*:*
CWE CWE-400
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2EI7SAP4QP2AJYK2JVEOO4GJ6DOBSM5/ -
References (MISC) https://github.com/bitcoin/bitcoin/issues/27623 - (MISC) https://github.com/bitcoin/bitcoin/issues/27623 - Issue Tracking
References (MISC) https://github.com/bitcoin/bitcoin/pull/27610 - (MISC) https://github.com/bitcoin/bitcoin/pull/27610 - Issue Tracking, Patch
References (MISC) https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures - (MISC) https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures - Not Applicable
References (MISC) https://github.com/bitcoin/bitcoin/issues/27586 - (MISC) https://github.com/bitcoin/bitcoin/issues/27586 - Issue Tracking
References (MISC) https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-24.1.md - (MISC) https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-24.1.md - Release Notes
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5
First Time Bitcoin
Bitcoin bitcoin Core
Information

Published : 2023-05-22 05:15

Updated : 2024-11-21 08:05

NVD link : CVE-2023-33297

Mitre link : CVE-2023-33297

CVE.ORG link : CVE-2023-33297

JSON object : View

Products Affected

bitcoin

  • bitcoin_core
CWE
CWE-400

Uncontrolled Resource Consumption


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024