Skip to content

DoS via malicious p2p message

High
holiman published GHSA-ppjg-v974-84cm Sep 6, 2023

Package

gomod go-ethereum (Go)

Affected versions

1.10.0

Patched versions

1.12.1

Description

Impact

A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node.

Details

The p2p handler spawned a new goroutine to respond to ping requests. By flooding a node with ping requests, an unbounded number of goroutines can be created, leading to resource exhaustion and potentially crash due to OOM.

Patches

The fix is included in geth version 1.12.1-stable, i.e, 1.12.2-unstable and onwards.

Fixed by #27887

Workarounds

No known workarounds.

Credits

This bug was reported by Patrick McHardy and reported via [email protected].

References

Severity

High

CVE ID

CVE-2023-40591

Weaknesses

No CWEs