CVE-2021-39137

The CVE-2021-39137 entry concerns go-ethereum (Geth). A memory-corruption/consensus flaw in the EVM can cause a node to reject or diverge from the canonical chain, potentially leading to chain splits as described in multiple advisories. A patch is included in the v1.10.8 release; no workaround is...

Ethereum Go-ethereum 缓冲区错误漏洞

Ethereum Go-ethereum is a codebase from the Ethereum community that implements the ethereum protocol in the Go language. A buffer error vulnerability exists in Go-Ethereum, which stems from a product that can cause a chain split. The following products and versions are affected: Go-Ethereum v1.10...

PT-2021-7369 · Unknown · Go-Ethereum

Name of the Vulnerable Software and Affected Versions: go-ethereum versions prior to v1.10.8 Description: A consensus-vulnerability in go-ethereum Geth could cause a chain split, where vulnerable versions refuse to accept the canonical chain. This issue is related to a memory-corruption bug withi...

GHSA-XW37-57QP-9MM4 Consensus flaw during block processing in github.com/ethereum/go-ethereum

Impact A consensus-vulnerability in Geth could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Description A flaw was repoted at 2020-08-11 by John Youngseok Yang Software Platform Lab, where a particular sequence of transactions could cause a consensus failur...

Consensus flaw during block processing in github.com/ethereum/go-ethereum

Impact A consensus-vulnerability in Geth could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Description A flaw was repoted at 2020-08-11 by John Youngseok Yang Software Platform Lab, where a particular sequence of transactions could cause a consensus failur...

GHSA-69V6-XC2J-R2JF Shallow copy bug in geth

Impact This is a Consensus vulnerability, which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth’s pre-compiled dataCopy at 0x00...04 contract did a shallow copy on invocation. An attacker could deploy a contract that - writes X to an EVM memory region R,...

Shallow copy bug in geth

Impact This is a Consensus vulnerability, which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth’s pre-compiled dataCopy at 0x00...04 contract did a shallow copy on invocation. An attacker could deploy a contract that - writes X to an EVM memory region R,...

Consensus Flaw During Block Processing

github.com/ethereum/go-ethereum is having a consensus flaw during block processing. It leads to a chain split, where vulnerable versions refuse to accept the canonical chain...

CVE-2020-26265

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to accept the canonical chain. The fix was included in the Paragade...

Code injection

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to accept the canonical chain. The fix was included in the Paragade...

CVE-2020-26265

Go Ethereum (Geth) up to v1.9.19 (inclusive) is affected by a consensus vulnerability that could lead to a chain split where non-canonical chains are rejected. The issue stems from how state/account creation interacted with deleted accounts, causing inconsistent consensus under certain transactio...

CVE-2020-26241

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled dataCopy at 0x00...04 contract di...

CVE-2020-26241

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled dataCopy at 0x00...04 contract di...

Design/Logic Flaw

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled dataCopy at 0x00...04 contract di...

CVE-2020-26241 Shallow copy bug in geth

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled dataCopy at 0x00...04 contract di...

CVE-2020-26241

CVE-2020-26241 is a consensus vulnerability in the Go Ethereum (Geth) client prior to version 1.9.17. A crafted contract can trigger a mismatch between the EVM’s RETURNDATACOPY path and Geth’s execution by exploiting a shallow copy bug in the pre-compiled dataCopy contract (0x0000…04). An attacke...