Go-Ethereum vulnerable to denial of service via malicious p2p message
Package
Affected versions
< 1.12.1-stable
Patched versions
1.12.1-stable
Description
Published by the National Vulnerability Database
Sep 6, 2023
Published to the GitHub Advisory Database
Sep 6, 2023
Reviewed
Sep 6, 2023
Last updated
Nov 17, 2023
Impact
A vulnerable node can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node.
Details
The p2p handler spawned a new goroutine to respond to ping requests. By flooding a node with ping requests, an unbounded number of goroutines can be created, leading to resource exhaustion and potentially a crash due to OOM.
Patches
The fix is included in geth version 1.12.1-stable, i.e., 1.12.2-unstable and onwards.
Fixed by ethereum/go-ethereum#27887
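The goroutine-per-ping pattern described under Details, next to one way to bound it, as an added Go example (not go-ethereum's code and not the patch itself). The peer, `stuckPongs`, `pingRecv` and the stalled pong write are constructed for illustration.

```go
package main

import (
	"fmt"
	"runtime"
	"sync/atomic"
)

// stuckPongs floods a constructed peer with `pings` ping messages while its pong
// writes are stalled, and returns how many pong writers are stuck at the same time.
func stuckPongs(pings int, goroutinePerPing bool) int64 {
	var stuck int64
	release := make(chan struct{})
	sendPong := func() { // models a write to a peer that has stopped reading
		atomic.AddInt64(&stuck, 1)
		<-release
	}
	pingRecv := make(chan struct{}) // unbuffered: handoff waits for the responder
	go func() {                     // bounded form: one long-lived responder per peer
		for range pingRecv {
			sendPong()
		}
	}()
	go func() { // read loop receiving the flood
		for i := 0; i < pings; i++ {
			if goroutinePerPing {
				go sendPong() // pattern from Details: one goroutine per ping
			} else {
				pingRecv <- struct{}{} // blocks until the previous pong is written
			}
		}
		close(pingRecv)
	}()
	want := int64(1) // writers expected once the flood has fully stalled
	if goroutinePerPing {
		want = int64(pings)
	}
	for atomic.LoadInt64(&stuck) < want {
		runtime.Gosched()
	}
	n := atomic.LoadInt64(&stuck)
	close(release) // let the stalled writes finish
	return n
}

func main() {
	fmt.Println("goroutine per ping:", stuckPongs(1000, true))
	fmt.Println("single responder:  ", stuckPongs(1000, false))
}
```

With the unbuffered handoff, a peer that floods pings stalls only its own read loop; the number of goroutines held on its behalf stays constant.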
Workarounds
No known workarounds.
Credits
This bug was reported by Patrick McHardy via bounty@ethereum.org.