56 matches found
GHSA-27VH-H6MC-Q6G8 btcd did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality
Impact: The btcd Bitcoin client versions 0.10 to 0.24 did not correctly re-implement Bitcoin Core's "FindAndDelete" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can lead to btcd clients accepting an invalid Bitcoin block or rejecting a...
PT-2024-27962 · Btcd +1 · Btcd +1
Name of the Vulnerable Software and Affected Versions: btcd versions 0.10 through 0.24 Description: The btcd Bitcoin client did not correctly re-implement Bitcoin Core's 'FindAndDelete' functionality, leading to discrepancies in Bitcoin block validation. This can result in a chain split or Denial...
GO-2024-3112 CometBFT's state syncing validator from malicious node may lead to a chain split github.com/cometbft/cometbft
Name: ASA-2024-009: State syncing validator from malicious node may lead to a chain split Component: CometBFT Criticality: Medium ACMv1.2: I:Moderate; L: Possible Affected versions: = 0.34.0, =0.37.0, = 0.38.0, = 0.38.11 Summary The state sync protocol retrieves a snapshot of the application and...
Race Condition
btcd is vulnerable to a Race Condition. The vulnerability is due to the incorrect implementation of consensus rules as outlined in BIP 68 and BIP 112, specifically by treating the transaction version as a signed integer instead of unsigned. This misinterpretation can lead to a chain split and...
GHSA-3JGF-R68H-XFQM btcd susceptible to consensus failures
btcd before 0.24.0 does not correctly implement the consensus rules outlined in BIP 68 and BIP 112, making it susceptible to consensus failures. Specifically, it uses the transaction version as a signed integer when it is supposed to be treated as unsigned. There can be a chain split and loss of...
CVE-2024-34478
btcd before 0.24.0 does not correctly implement the consensus rules outlined in BIP 68 and BIP 112, making it susceptible to consensus failures. Specifically, it uses the transaction version as a signed integer when it is supposed to be treated as unsigned. There can be a chain split and loss of...
CVE-2024-34478
CVE-2024-34478 affects btcd before 0.24.0, where the software does not correctly implement BIP 68/BIP 112 consensus rules. The core issue is treating the transaction version as a signed integer instead of unsigned, which can cause consensus failures, potentially leading to a chain split and loss ...
PT-2024-25929 · Btcd · Btcd
Name of the Vulnerable Software and Affected Versions: btcd versions prior to 0.24.0 Description: The issue arises from an incorrect implementation of the consensus rules outlined in BIP 68 and BIP 112, making btcd susceptible to consensus failures. Specifically, it uses the transaction version a...
Chain Split
github.com/ethereum/go-ethereum is vulnerable to Memory-Corruption. The vulnerability is due to mishandled memory copies during certain operations, like CALL-variants, leading to data corruption resulting in a consensus error and possible chain split...
Chain split caused by memory corruption in EVM
Lines of code Vulnerability details Chain split caused by memory corruption in EVM We recently found that the op-geth@3fa9e81 repository has a memory corruption vulnerability in EVM, which can cause a consensus error. Specifically, vulnerable nodes obtain a different stateRoot when processing a...
SUSE CVE-2020-26265
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to accept the canonical chain. The fix was included in the Paragade...
GO-2022-0254 Consensus flaw during block processing in github.com/ethereum/go-ethereum
A vulnerability in the Geth EVM can cause a node to reject the canonical chain. A memory-corruption bug within the EVM can cause a consensus error, where vulnerable nodes obtain a different stateRoot when processing a maliciously crafted transaction. This, in turn, would lead to the chain being...
Ethereum Contains Consensus Flaw During Block Processing
Impact: A vulnerability in the Geth EVM could cause a node to reject the canonical chain. Description: A memory-corruption bug within the EVM can cause a consensus error, where vulnerable nodes obtain a different stateRoot when processing a maliciously crafted transaction. This, in turn, would lead...
CVE-2021-39137
go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum Geth could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Further details about the vulnerability will be disclosed at a late...
Design/Logic Flaw
go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum Geth could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Further details about the vulnerability will be disclosed at a late...