Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core after 2017-11-15.
References
Link | Resource |
---|---|
https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145 | Vendor Advisory |
https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md | Release Notes Third Party Advisory |
https://invdos.net | Third Party Advisory |
https://invdos.net/paper/CVE-2018-17145.pdf | Exploit Technical Description Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-09-10T16:32:13
Updated: 2020-09-10T16:32:13
Reserved: 2018-09-18T00:00:00
Link: CVE-2018-17145
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-09-10T17:15:25.767
Modified: 2020-09-15T14:33:06.420
Link: CVE-2018-17145
JSON object: View
Redhat Information
No data.
CWE