Bitcoin

Bitcoin Developers Warn of Serious Software Vulnerability: CVE-2024-35202

Bitcoin developers announce a critical software vulnerability affecting nodes.

Critical Bitcoin Software Vulnerability Discovered

Recent reports from Odaily have revealed a serious vulnerability within Bitcoin’s core software, potentially affecting a significant number of users. Senior developers from the Bitcoin Core project have disclosed that over 13% of household and commercial computers running Bitcoin are susceptible to remote shutdown attacks. This vulnerability is formally identified as CVE-2024-35202.

What is CVE-2024-35202?

The vulnerability impacts Bitcoin nodes operating on Core software versions prior to 25.0. Specifically, nodes that have not been updated to at least this version are at risk. The core flaw lies in the software logic that handles 'blocktxn' messages, allowing attackers to exploit this assertion.

Understanding the Mechanism of the Vulnerability

The root cause of the CVE-2024-35202 stems from the compact block protocol utilized by Bitcoin Core, which aims to minimize internet bandwidth usage by employing shortened transaction identifiers. However, this method can be manipulated by attackers to cause conflicts within these identifiers, prompting nodes to request a full block.

Consequences of the Vulnerability

While the dodged-request for a complete block acts as a precautionary measure, core software versions older than 25.0 present a flaw in the ensuing logic that manages these blocktxn messages. Through these manipulations, attackers can induce logic gates to misfire, resulting in the nodes entering an invalid state. Ultimately, this leads to a total shutdown of the affected node.

Economic Impact

It's worth noting that despite the potential for remote attacks, the economic incentive for ordinary attackers is minimal. This may limit the immediate threat posed by the vulnerability, although it nonetheless requires urgent attention from users and developers alike.

Recommendations for Users

  • Update Your Software: Ensure that your Bitcoin Core software is updated to version 25.0 or later to mitigate the risk associated with this vulnerability.
  • Monitor Official Sources: Stay connected with official Bitcoin development channels to receive updates and patches regarding any vulnerabilities.
  • Be Aware of Threats: Educate yourself about potential threats and safeguarding measures to protect your Bitcoin assets.

Conclusion

The discovery of CVE-2024-35202 highlights the ongoing challenges of maintaining secure software environments in the cryptocurrency sphere. As the community continues to address this vulnerability, proactive measures are essential for ensuring the safety of Bitcoin nodes.

Scopri di più

Decline in BNB Chain activity versus Solana TVL increase infographic
SUI token price chart showing recent surge in value.

Commenta

Nota che i commenti devono essere approvati prima di essere pubblicati.

Questo sito è protetto da hCaptcha e applica le Norme sulla privacy e i Termini di servizio di hCaptcha.