76 matches found
Nervos CKB node panics when processing a block which parent timestamp is too new
Impact Adversary can initiate DOS attack by broadcasting two consecutive blocks with timestamps in the future. Patches Please upgrade to v0.34.1...
Nervos CKB BlockTimeTooNew should not be considered as invalid block
Impact Currently, when a node receives a block in future according to its local wall clock, it will mark the block as invalid and ban the peer. If the header's timestamp is more than 15 seconds ahead of our current time. In that case, the header may become valid in the future, and we don't want t...
GHSA-R9RV-9MH8-PXF4 Nervos CKB BlockTimeTooNew should not be considered as invalid block
Impact Currently, when a node receives a block in future according to its local wall clock, it will mark the block as invalid and ban the peer. If the header's timestamp is more than 15 seconds ahead of our current time. In that case, the header may become valid in the future, and we don't want t...
Nervos CKB DoS: Process exists when p2p discovery protocol receives unsupported peer IP
The p2p discovery protocol assumes that the peer IP must be valid IPv4 address...
GHSA-PR39-8257-FXC2 Nervos CKB DoS: Process exists when p2p discovery protocol receives unsupported peer IP
The p2p discovery protocol assumes that the peer IP must be valid IPv4 address...
Nervos CKB P2P DoS Attacks
The P2P protocols lack of rate limit. For example, in relay protocol, when a node receives a broadcasted txhashes, it will mark it in memory to avoid duplicated requests. code → . It is easy to establish a DoS attach by generating random tx hashes. Impact It affects all nodes connected to the P2P...
GHSA-84X2-2QV6-QG56 Nervos CKB P2P DoS Attacks
The P2P protocols lack of rate limit. For example, in relay protocol, when a node receives a broadcasted txhashes, it will mark it in memory to avoid duplicated requests. code → . It is easy to establish a DoS attach by generating random tx hashes. Impact It affects all nodes connected to the P2P...
Nervos CKB Unaligned Pointer Dereference
via [email protected] There are multiple type conversions in ckb that unsafely cast between byte pointers and other types of pointers. This results in unaligned pointers, which are not allowed by the Rust language, and are considered undefined behavior, meaning that the compiler is free to do...
GHSA-Q669-2VFG-CXCG Nervos CKB Unaligned Pointer Dereference
via [email protected] There are multiple type conversions in ckb that unsafely cast between byte pointers and other types of pointers. This results in unaligned pointers, which are not allowed by the Rust language, and are considered undefined behavior, meaning that the compiler is free to do...
PT-2024-40421 · Ckb · Ckb
Name of the Vulnerable Software and Affected Versions: ckb affected versions not specified Description: The issue arises from multiple type conversions in ckb that unsafely cast between byte pointers and other types of pointers, resulting in unaligned pointers. This is considered undefined behavi...
ckbhospital.com Cross Site Scripting vulnerability OBB-3365222
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Nervos CKB vulnerable to low-resource flood DDoS attacks through network message
Workarounds forbid request genesis through network request forbid requesting duplicate data through network request...
GHSA-P2GM-FFR3-W2XW Nervos CKB vulnerable to low-resource flood DDoS attacks through network message
Workarounds forbid request genesis through network request forbid requesting duplicate data through network request...
Nervos CKB calculation of program load cycles may be missed when executing in resume mode
Impact The calculation of program load cycles may be missed when executing in resume mode. Since the script execution order is now determined, this issue does not cause network splitting...
GHSA-FJJ4-2Q73-JVGC Nervos CKB calculation of program load cycles may be missed when executing in resume mode
Impact The calculation of program load cycles may be missed when executing in resume mode. Since the script execution order is now determined, this issue does not cause network splitting...
ckb type_id script resume may randomly fail
Impact https://github.com/nervosnetwork/ckb/blob/v0.101.2/script/src/verify.rsL871-L879 TypeIdSystemScript resume handle is not correct when maxcycles is not enough, ScriptError::ExceededMaximumCycles will be raised directly ranther than suspend as expect, and also because scriptgroup execution...
GHSA-MCMR-49X3-4JQM ckb type_id script resume may randomly fail
Impact https://github.com/nervosnetwork/ckb/blob/v0.101.2/script/src/verify.rsL871-L879 TypeIdSystemScript resume handle is not correct when maxcycles is not enough, ScriptError::ExceededMaximumCycles will be raised directly ranther than suspend as expect, and also because scriptgroup execution...
ckb: Transaction header_deps validation issue (network forking)
Impact fn HeaderCheckercheckvalid skipped main chain checking after this PR: https://github.com/nervosnetwork/ckb/pull/1646/filesdiff-c4e017b67c1b3005ca0c446a9b0879571aa36a858b1f7ddd1b9328a884e3214bR171-R176 It will cause network forking if one transaction is using a forked block header which is...
Dep Group Remote Memory Exhaustion (Denial of Service) in ckb
Impact A remote attacker could exploit this vulnerability to exhaust ckb process memory of an affected node. Patches Upgrade to 0.43.1 or later. References After resolving the outpoints of one dep group, we put the corresponding content into a vec...
Bulletproofs 加密问题漏洞
Bulletproofs is a short non-interactive zero-knowledge proof by Benedikt Bünz Personal Developer, USA. Bulletproofs 2017/1066 suffers from a security vulnerability that stems from an insecure implementation of the Fiat-Shamir transformation. An attacker can exploit this vulnerability to forge...