Stellar-core Fixes Race Condition Issue Affecting Network Core Nodes

CVE-2024-32985

5.9MEDIUM

Key Information

Vendor
Stellar
Status
Stellar-core
Vendor
CVE Published:
14 May 2024

Summary

Stellar-core is a reference implementation for the peer-to-peer agent that manages the Stellar network. Prior to 20.4.0, core nodes could be randomly crashed due to a race condition with a 3rd party library. The likelihood of affecting the network is low since crashed nodes come back up online right away. Code fix mitigation is part of Stellar-core v20.4.0 release

Affected Version(s)

stellar-core = < 20.4.0

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.