Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core after 2017-11-15.
References
Link | Resource |
---|---|
https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md | Release Notes Third Party Advisory |
https://invdos.net/paper/CVE-2018-17145.pdf | Exploit Technical Description Third Party Advisory |
https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145 | Vendor Advisory |
https://invdos.net | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2020-09-10 10:15
Updated : 2020-09-15 07:33
NVD link : CVE-2018-17145
Mitre link : CVE-2018-17145
JSON object : View
CWE
CWE-400
Uncontrolled Resource Consumption
Products Affected
bitcoinknots
- bitcoin_knots
bcoin
- bcoin
litecoin
- litecoin
namecoin
- namecoin_core
decred
- dcrd
btcd_project
- btcd
bitcoin
- bitcoin_core