GitHub Advisory DatabaseGHSA-PPJG-V974-84CMGo-Ethereum vulnerable to denial of service via malicious p2p message
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
40.4%
Impact
A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node.
Details
The p2p handler spawned a new goroutine to respond to ping requests. By flooding a node with ping requests, an unbounded number of goroutines can be created, leading to resource exhaustion and potentially crash due to OOM.
Patches
The fix is included in geth version 1.12.1-stable, i.e, 1.12.2-unstable and onwards.
Fixed by https://github.com/ethereum/go-ethereum/pull/27887
Workarounds
No known workarounds.
Credits
This bug was reported by Patrick McHardy and reported via [email protected].
References
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ethereum | go_ethereum | * | cpe:2.3:a:ethereum:go_ethereum:*:*:*:*:*:*:*:* |
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
40.4%