Stellar-core Fixes Race Condition Issue Affecting Network Core Nodes
CVE-2024-32985
5.9MEDIUM
Key Information
- Vendor
- Stellar
- Status
- Stellar-core
- Vendor
- CVE Published:
- 14 May 2024
Summary
Stellar-core is a reference implementation for the peer-to-peer agent that manages the Stellar network. Prior to 20.4.0, core nodes could be randomly crashed due to a race condition with a 3rd party library. The likelihood of affecting the network is low since crashed nodes come back up online right away. Code fix mitigation is part of Stellar-core v20.4.0 release
Affected Version(s)
stellar-core = < 20.4.0
References
CVSS V3.1
Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database