Denial of Service Vulnerability in Go-Ethereum by Ethereum Foundation
CVE-2022-23328
7.5HIGH
What is CVE-2022-23328?
A design flaw in Go-Ethereum allows an attacker to exploit the transaction handling mechanism. By sending 5120 high gas price pending transactions from a single account that depletes its full balance to a targeted Geth node, an attacker can fill the memory pool of the victim node. This exploit can lead to a complete denial of service by purging all pending transactions, effectively blocking other legitimate transactions from entering the pool.