Denial of Service Vulnerability in Ethereum's Proof-of-Stake Consensus Protocol
CVE-2021-42765

7.5HIGH

Key Information:

Vendor: Proof-of-stake Ethereum Project
Status: Proof-of-stake Ethereum
Vendor: CVE Published:; 20 October 2021

What is CVE-2021-42765?

The Ethereum Proof-of-Stake consensus protocol is susceptible to a Denial of Service attack that leverages network delays, potentially leading to indefinite stalling of consensus decisions. This vulnerability allows an adversary to disrupt the network's ability to reach consensus, impairing the functionality and reliability of the Ethereum platform.

References

https://arxiv.org/abs/2110.10086

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 20, 2021
Vulnerability Reserved
Oct 20, 2021

Proof-of-stake Ethereum Project

What is CVE-2021-42765?

References

CVSS V3.1

Timeline