4 matches found
CVE-2021-41173
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside fro...
CVE-2021-41173
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside fro...
CVE-2021-41173 DoS via maliciously crafted p2p message
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside fro...
CVE-2021-41173
CVE-2021-41173 affects go-ethereum prior to v1.10.9, where processing a malicious snap/1 message could crash a node (DoS). The Red Hat and OSV details corroborate a crash in Go Ethereum’s P2P handling, specifically the GetTrieNodes path in the snap protocol. The root cause involved unsafe handlin...