Bitcoin Core vulnerability allows denial of service via flood of minimum difficulty headers
CVE-2024-52916

7.5HIGH

Key Information:

Vendor

Bitcoin Core

Status
Bitcoin Core
Vendor
CVE Published:
18 November 2024

What is CVE-2024-52916?

A vulnerability in Bitcoin Core software before version 0.15.0 enables attackers to execute denial of service (DoS) attacks by sending a flood of minimum difficulty headers. This can lead to an out-of-memory (OOM) situation, resulting in the termination of the daemon process. Such attacks can severely disrupt the operation of Bitcoin nodes, causing interruptions in transaction processing and network stability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exp...
https://bitcoincore.org/en/2024/07/03/disclose-header-spam/

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.