Headline
CVE-2023-50428: Common Vulnerabilities and Exposures - Bitcoin Wiki
In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023.
CVE
Announced
Affects
Severity
Attack is…
Flaw
Net
Pre-BIP protocol changes
n/a
All Bitcoin clients
Netsplit[1]
Implicit[2]
Various hardforks and softforks
100%
CVE-2010-5137
2010-07-28
wxBitcoin and bitcoind
DoS[3]
Easy
OP_LSHIFT crash
100%
CVE-2010-5141
2010-07-28
wxBitcoin and bitcoind
Theft[4]
Easy
OP_RETURN could be used to spend any output.
100%
CVE-2010-5138
2010-07-29
wxBitcoin and bitcoind
DoS[3]
Easy
Unlimited SigOp DoS
100%
CVE-2010-5139
2010-08-15
wxBitcoin and bitcoind
Inflation[5]
Easy
Combined output overflow
100%
CVE-2010-5140
2010-09-29
wxBitcoin and bitcoind
DoS[3]
Easy
Never confirming transactions
100%
CVE-2011-4447
2011-11-11
wxBitcoin and bitcoind
Exposure[6]
Hard
Wallet non-encryption
100%
CVE-2012-1909
2012-03-07
Bitcoin protocol and all clients
Netsplit[1]
Very hard
Transaction overwriting
100%
CVE-2012-1910
2012-03-17
bitcoind & Bitcoin-Qt for Windows
Unknown[7]
Hard
Non-thread safe MingW exceptions
100%
BIP 0016
2012-04-01
All Bitcoin clients
Fake Conf[8]
Miners[9]
Softfork: P2SH
100%
CVE-2012-2459
2012-05-14
bitcoind and Bitcoin-Qt
Netsplit[1]
Easy
Block hash collision (via merkle root)
100%
CVE-2012-3789
2012-06-20
bitcoind and Bitcoin-Qt
DoS[3]
Easy
(Lack of) orphan txn resource limits
100%
CVE-2012-4682
bitcoind and Bitcoin-Qt
DoS[3]
100%
CVE-2012-4683
2012-08-23
bitcoind and Bitcoin-Qt
DoS[3]
Easy
Targeted DoS by CPU exhaustion using alerts
100%
CVE-2012-4684
2012-08-24
bitcoind and Bitcoin-Qt
DoS[3]
Easy
Network-wide DoS using malleable signatures in alerts
100%
CVE-2013-2272
2013-01-11
bitcoind and Bitcoin-Qt
Exposure[6]
Easy
Remote discovery of node’s wallet addresses
99.99%
CVE-2013-2273
2013-01-30
bitcoind and Bitcoin-Qt
Exposure[6]
Easy
Predictable change output
99.99%
CVE-2013-2292
2013-01-30
bitcoind and Bitcoin-Qt
DoS[3]
Hard
A transaction that takes at least 3 minutes to verify
0%
CVE-2013-2293
2013-02-14
bitcoind and Bitcoin-Qt
DoS[3]
Easy
Continuous hard disk seek
99.99%
CVE-2013-3219
2013-03-11
bitcoind and Bitcoin-Qt 0.8.0
Fake Conf[8]
Miners[9]
Unenforced block protocol rule
100%
CVE-2013-3220
2013-03-11
bitcoind and Bitcoin-Qt
Netsplit[1]
Hard
Inconsistent BDB lock limit interactions
99.99%
BIP 0034
2013-03-25
All Bitcoin clients
Fake Conf[8]
Miners[9]
Softfork: Height in coinbase
100%
BIP 0050
2013-05-15
All Bitcoin clients
Netsplit[1]
Implicit[2]
Hard fork to remove txid limit protocol rule
99.99%
CVE-2013-4627
2013-06-??
bitcoind and Bitcoin-Qt
DoS[3]
Easy
Memory exhaustion with excess tx message data
99%
CVE-2013-4165
2013-07-20
bitcoind and Bitcoin-Qt
Theft[10]
Local
Timing leak in RPC authentication
99%
CVE-2013-5700
2013-09-04
bitcoind and Bitcoin-Qt 0.8.x
DoS[3]
Easy
Remote p2p crash via bloom filters
99%
CVE-2014-0160
2014-04-07
Anything using OpenSSL for TLS
Unknown[7]
Easy
Remote memory leak via payment protocol
Unknown
CVE-2015-3641
2014-07-07
bitcoind and Bitcoin-Qt prior to 0.10.2
DoS[3]
Easy
(Yet) Unspecified DoS
99.9%
BIP 66
2015-02-13
All Bitcoin clients
Fake Conf[8]
Miners[9]
Softfork: Strict DER signatures
99%
BIP 65
2015-11-12
All Bitcoin clients
Fake Conf[8]
Miners[9]
Softfork: OP_CHECKLOCKTIMEVERIFY
99%
BIPs 68, 112 & 113
2016-04-11
All Bitcoin clients
Fake Conf[8]
Miners[9]
Softforks: Rel locktime, CSV & MTP locktime
99%
BIPs 141, 143 & 147
2016-10-27
All Bitcoin clients
Fake Conf[8]
Miners[9]
Softfork: Segwit
99%
CVE-2016-8889
2016-10-27
Bitcoin Knots GUI 0.11.0 - 0.13.0
Exposure
Hard
Debug console history storing sensitive info
100%
CVE-2017-9230
?
Bitcoin
?
?
ASICBoost
0%
BIP 148
2017-03-12
All Bitcoin clients
Fake Conf[8]
Miners[9]
Softfork: Segwit UASF
?
CVE-2017-12842
2018-06-09
No commitment to block merkle tree depth
CVE-2016-10724
2018-07-02
bitcoind and Bitcoin-Qt prior to 0.13.0
DoS[3]
Keyholders[11]
Alert memory exhaustion
99%
CVE-2016-10725
2018-07-02
bitcoind and Bitcoin-Qt prior to 0.13.0
DoS[3]
Keyholders[11]
Final alert cancellation
99%
CVE-2018-17144
2018-09-17
bitcoind and Bitcoin-Qt prior to 0.16.3
Inflation[5]
Miners[9]
Missing check for duplicate inputs
80%
CVE-2018-20587
2019-02-08
Bitcoin Knots prior to 0.17.1, and all current Bitcoin Core releases
Theft[10]
Local
No alert for RPC service binding failure
<1%
CVE-2017-18350
2019-06-22
bitcoind and Bitcoin-Qt prior to 0.15.1
Unknown
Varies[12]
Buffer overflow from SOCKS proxy
94%
CVE-2018-20586
2019-06-22
bitcoind and Bitcoin-Qt prior to 0.17.1
Deception
RPC access
Debug log injection via unauthenticated RPC
77%
CVE-2019-12998
2019-08-30
c-lightning prior to 0.7.1
Theft
Easy
Missing check of channel funding UTXO
CVE-2019-12999
2019-08-30
lnd prior to 0.7
Theft
Easy
Missing check of channel funding UTXO amount
CVE-2019-13000
2019-08-30
eclair prior to 0.3
Theft
Easy
Missing check of channel funding UTXO
CVE-2020-14199
2020-06-03
Trezor and others
Theft
Social[13]
Double-signing can enable unintended fees
CVE-2018-17145
2020-09-09
Bitcoin Core prior to 0.16.2
Bitcoin Knots prior to 0.16.1
Bcoin prior to 1.0.2
Btcd prior to 0.21.0
DoS[3]
Easy
p2p memory blow-up
87%
CVE-2020-26895
2020-10-08
lnd prior to 0.10
Theft
Easy
Missing low-S normalization for HTLC signatures
CVE-2020-26896
2020-10-08
lnd prior to 0.11
Theft
Varies[14]
Invoice preimage extraction via forwarded HTLC
CVE-2020-14198
Bitcoin Core 0.20.0
DoS[3]
Easy
Remote DoS
93%
CVE-2021-3401
2021-02-01
Bitcoin Core GUI prior to 0.19.0
Bitcoin Knots GUI prior to 0.18.1
Theft
Hard
Qt5 remote execution
64%
CVE-2021-31876
2021-05-06
Various wallets
CVE-2021-41591
2021-10-04
Lightning software
CVE-2021-41592
2021-10-04
Lightning software
CVE-2021-41593
2021-10-04
Lightning software
BIPs 341-343
2021-11-13
All Bitcoin nodes
Fake Conf[8]
Miners[9]
Softfork: Taproot
57%
CVE-2022-31246
2022-06-07
Electrum 2.1 until before 4.2.2
Theft
Social
- ↑ 1.0 1.1 1.2 1.3 1.4 Attacker can create multiple views of the network, enabling double-spending with over 1 confirmation
- ↑ 2.0 2.1 This is a protocol “hard-fork” that old clients will reject as invalid and must therefore not be used.
- ↑ 3.00 3.01 3.02 3.03 3.04 3.05 3.06 3.07 3.08 3.09 3.10 3.11 3.12 3.13 3.14 3.15 Attacker can disable some functionality, for example by crashing clients
- ↑ Attacker can take coins outside known network rules
- ↑ 5.0 5.1 Attacker can create coins outside known network rules
- ↑ 6.0 6.1 6.2 Attacker can access user data outside known acceptable methods
- ↑ 7.0 7.1 Extent of possible abuse is unknown
- ↑ 8.0 8.1 8.2 8.3 8.4 8.5 8.6 8.7 8.8 Attacker can double-spend with 1 confirmation
- ↑ 9.0 9.1 9.2 9.3 9.4 9.5 9.6 9.7 9.8 9.9 Attacking requires mining block(s)
- ↑ 10.0 10.1 Local attacker could potentially determine the RPC passphrase via a timing sidechannel.
- ↑ 11.0 11.1 Attacking requires signing with the publicly-disclosed alert key
- ↑ Depends on software configuration
- ↑ User must be tricked into cooperating (social engineering)
- ↑ Depends on node configuration, only affects routable merchants, requires external knowledge of receiver’s invoices and/or luck to identify receiver, only works against single-shot HTLCs (legacy or MPP)
CVE-2010-5137
Date: 2010-07-28 Summary: OP_LSHIFT crash Fix Deployment: 100%
Affected
Fix
bitcoind
wxBitcoin
* - 0.3.4
0.3.5
On July 28 2010, two bugs were discovered and demonstrated on the test network. One caused bitcoin to crash on some machines when processing a transaction containing an OP_LSHIFT. This was never exploited on the main network, and was fixed by Bitcoin version 0.3.5.
After these bugs were discovered, many currently-unused script words were disabled for safety.
References
- US-CERT/NIST
CVE-2010-5141
Date: 2010-07-28 Summary: ? Fix Deployment: 100%
Affected
Fix
bitcoind
wxBitcoin
* - 0.3.4
0.3.5
On July 28 2010, two bugs were discovered and demonstrated on the test network. One exploited a bug in the transaction handling code and allowed an attacker to spend coins that they did not own. This was never exploited on the main network, and was fixed by Bitcoin version 0.3.5.
After these bugs were discovered, many currently-unused script words were disabled for safety.
References
- US-CERT/NIST
CVE-2010-5138
Date: 2010-07-29 Summary: Unlimited SigOp DoS Fix Deployment: 100%
Affected
Fix
bitcoind
wxBitcoin
* - 0.3.?
0.3.?
On July 29 2010, it was discovered that block 71036 contained several transactions with a ton of OP_CHECKSIG commands. There should only ever be one such command. This caused every node to do extra unnecessary work, and it could have been used as a denial-of-service attack. A new version of Bitcoin was quickly released. The new version did not cause a fork on the main network, though it did cause one on the test network (where someone had played around with the attack more).
References
- US-CERT/NIST
CVE-2010-5139
Main article: CVE-2010-5139
Date: 2010-08-15 Summary: Combined output overflow Fix Deployment: 100%
Affected
Fix
bitcoind
wxBitcoin
* - 0.3.10
0.3.11
On August 15 2010, it was discovered that block 74638 contained a transaction that created over 184 billion bitcoins for two different addresses. This was possible because the code used for checking transactions before including them in a block didn’t account for the case of outputs so large that they overflowed when summed. A new version was published within a few hours of the discovery. The block chain had to be forked. Although many unpatched nodes continued to build on the “bad” block chain, the “good” block chain overtook it at a block height of 74691. The bad transaction no longer exists for people using the longest chain.
The block and transaction:
CBlock(hash=0000000000790ab3, ver=1, hashPrevBlock=0000000000606865, hashMerkleRoot=618eba, nTime=1281891957, nBits=1c00800e, nNonce=28192719, vtx=2) CTransaction(hash=012cd8, ver=1, vin.size=1, vout.size=1, nLockTime=0) CTxIn(COutPoint(000000, -1), coinbase 040e80001c028f00) CTxOut(nValue=50.51000000, scriptPubKey=0x4F4BA55D1580F8C3A8A2C7) CTransaction(hash=1d5e51, ver=1, vin.size=1, vout.size=2, nLockTime=0) CTxIn(COutPoint(237fe8, 0), scriptSig=0xA87C02384E1F184B79C6AC) CTxOut(nValue=92233720368.54275808, scriptPubKey=OP_DUP OP_HASH160 0xB7A7) CTxOut(nValue=92233720368.54275808, scriptPubKey=OP_DUP OP_HASH160 0x1512) vMerkleTree: 012cd8 1d5e51 618eba
Block hash: 0000000000790ab3f22ec756ad43b6ab569abf0bddeb97c67a6f7b1470a7ec1c Transaction hash: 1d5e512a9723cbef373b970eb52f1e9598ad67e7408077a82fdac194b65333c9
References
- Discovery
- US-CERT/NIST
CVE-2010-5140
Date: 2010-09-29 Summary: Never confirming transactions Fix Deployment: 100%
Affected
Fix
bitcoind
wxBitcoin
* - 0.3.12
0.3.13
Around September 29, 2010, people started reporting that their sent transactions would not confirm. This happened because people modified Bitcoin to send sub-0.01 transactions without any fees. A 0.01 fee was at that time required by the network for such transactions (essentially prohibiting them), so the transactions remained at 0 confirmations forever. This became a more serious issue because Bitcoin would send transactions using bitcoins gotten from transactions with 0 confirmations, and these resulting transactions would also never confirm. Because Bitcoin tends to prefer sending smaller coins, these invalid transactions quickly multiplied, contaminating the wallets of everyone who received them.
Bitcoin was changed to only select coins with at least 1 confirmation. The remaining sub-0.01 transactions were cleared by generators who modified their version of Bitcoin to not require the micropayment fee. It took a while for everything to get cleared, though, because many of the intermediate transactions had been forgotten by the network by this point and had to be rebroadcast by the original senders.
References
- Initial reports
- US-CERT/NIST
CVE-2011-4447
Date: 2011-11-11 Summary: Wallet non-encryption Fix Deployment: 100%
Affected
Fix
bitcoind
wxBitcoin
0.4.0 - 0.4.1rc6
0.4.1
0.5.0
References
- Announcement
- Finding
- 0.5.0
- US-CERT/NIST
CVE-2012-1909
Date: 2012-03-07 Summary: Transaction overwriting Fix Deployment: 100%
Affected
Fix
Bitcoin protocol
Before March 15th, 2012
BIP 30
Bitcoin-Qt
bitcoind
* - 0.4.4rc2
0.5.0rc1 - 0.5.0.4rc2
0.5.1rc1 - 0.5.3rc2
0.6.0rc1 - 0.6.0rc2
0.4.4
0.5.0.4
0.5.3
0.6.0rc3
wxBitcoin
ALL
NONE
References
- Announcement
- Fix
- Gentoo bug tracker
- US-CERT/NIST
CVE-2012-1910
Date: 2012-03-17 Summary: Non-thread safe MingW exceptions Fix Deployment: 100%
Affected
Fix
bitcoind for Windows
Bitcoin-Qt for Windows
0.5.0rc1 - 0.5.0.4
0.5.1rc1 - 0.5.3.0
0.6.0rc1 - 0.6.0rc3
0.5.0.5
0.5.3.1
0.5.4
0.6.0rc4
References
- Announcement
- US-CERT/NIST
- Full disclosure
BIP-0016
Date: 2012-04-01 Summary: Mandatory P2SH protocol update Deployment: 100%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.4.4
0.5.0rc1 - 0.5.0.5
0.5.1rc1 - 0.5.3
0.6.0rc1
0.4.5
0.5.0.6
0.5.4rc1
0.6.0rc2
wxBitcoin
ALL
NONE
References
- BIP 0016
CVE-2012-2459
Date: 2012-05-14 Summary: Block hash collision (via merkle tree) Fix Deployment: 100%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.4.6rc1
0.5.0rc1 - 0.5.5rc1
0.6.0rc1 - 0.6.0.7rc1
0.6.1rc1 - 0.6.1rc1
0.4.6
0.5.5
0.6.0.7
0.6.1rc2
Block hash collisions can easily be made by duplicating transactions in the merkle tree. Such a collision is invalid, but if recorded (as Bitcoin-Qt and bitcoind prior to 0.6.1 did) would prevent acceptance of the legitimate block with the same hash. This could be used to fork the blockchain, including deep double-spend attacks.
References
- Announcement
- Gentoo bug tracker
- US-CERT/NIST
- Full Disclosure
CVE-2012-3789
Main article: CVE-2012-3789
Date: 2012-06-20 Summary: (Lack of) orphan txn resource limits Fix Deployment: 100%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.4.7rc2
0.5.0rc1 - 0.5.6rc2
0.6.0rc1 - 0.6.0.8rc2
0.6.1rc1 - 0.6.2.2
0.4.7rc3
0.5.6rc3
0.6.0.9rc1
0.6.3rc1
References
- CVE-2012-3789
- 0.6.3rc1 Announcement
- US-CERT/NIST
CVE-2012-4682
Date: Summary: Fix Deployment: 100%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.4.7rc2
0.5.0rc1 - 0.5.6rc2
0.6.0rc1 - 0.6.0.8rc2
0.6.1rc1 - 0.6.2.2
0.4.7rc3
0.5.6rc3
0.6.0.9rc1
0.6.3rc1
References
- CVE-2012-4682
- Gentoo bug
CVE-2012-4683
Main article: CVE-2012-4683
Date: 2012-08-23 Summary: Targeted DoS by CPU exhaustion using alerts Fix Deployment: 100%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.4.7rc2
0.5.0rc1 - 0.5.6rc2
0.6.0rc1 - 0.6.0.8rc2
0.6.1rc1 - 0.6.2.2
0.7.0
References
- CVE-2012-4683
- Announcement
- Gentoo bug
CVE-2012-4684
Main article: CVE-2012-4684
Date: 2012-08-24 Summary: Network-wide DoS using malleable signatures in alerts Fix Deployment: 100%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.4.7rc2
0.5.0rc1 - 0.5.6rc2
0.6.0rc1 - 0.6.0.8rc2
0.6.1rc1 - 0.6.2.2 - 0.6.3rc1
0.7.0
References
- CVE-2012-4684
- Announcement
CVE-2013-2272
Date: 2013-01-11 Summary: Remote discovery of node’s wallet addresses Fix Deployment: 99.99%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.4.8rc4
0.5.0rc1 - 0.5.7
0.6.0rc1 - 0.6.0.10rc4
0.6.1rc1 - 0.6.4rc4
0.7.0rc1 - 0.7.2
0.4.9rc1
0.5.8rc1
0.6.0.11rc1
0.6.5rc1
0.7.3rc1
References
- Announcement
- Gentoo bug
CVE-2013-2273
Date: 2013-01-30 Summary: Predictable change output Fix Deployment: 99.99%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.4.8rc4
0.5.0rc1 - 0.5.7
0.6.0rc1 - 0.6.0.10rc4
0.6.1rc1 - 0.6.4rc4
0.7.0rc1 - 0.7.2
0.4.9rc1
0.5.8rc1
0.6.0.11rc1
0.6.5rc1
0.7.3rc1
References
- Gentoo bug
CVE-2013-2292
Date: 2013-01-30 Summary: A transaction that takes at least 3 minutes to verify Fix Deployment: 0%
Affected
Fix
Bitcoin-Qt
bitcoind
All versions
No fix yet
References
- CVE-2013-2292
- Announcement
- Gentoo bug
CVE-2013-2293
Main article: CVE-2013-2293
Date: 2013-02-14 Summary: Continuous hard disk seek Fix Deployment: 99.99%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.7.3rc1
No fix yet (0.8.0 unaffected)
References
- CVE-2013-2293
- Announcement
- Gentoo bug
CVE-2013-3219
Date: 2013-03-11 Summary: Unenforced block protocol rule Fix Deployment: 100%
Affected
Fix
Bitcoin-Qt
bitcoind
0.8.0rc1 - 0.8.0
0.8.1
References
- BIP 50
CVE-2013-3220
Date: 2013-03-11 Summary: Inconsistent BDB lock limit interactions Fix Deployment: 99.99%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.4.9rc1
0.5.0rc1 - 0.5.8rc1
0.6.0rc1 - 0.6.5rc1
0.7.0rc1 - 0.7.3rc1
0.4.9rc2
0.5.8rc2
0.6.5rc2
0.7.3rc2
wxBitcoin
ALL
NONE
References
- BIP 50
BIP-0034
Date: 2013-03-25 Summary: Mandatory block protocol update Deployment: 100%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.4.7
0.5.0rc1 - 0.5.7
0.6.0rc1 - 0.6.0.9
0.6.1rc1 - 0.6.3
0.4.8rc1
0.5.7rc1
0.6.0.10rc1
0.6.4rc1
wxBitcoin
ALL
NONE
References
- BIP 0034
BIP-0050
Date: 2013-05-15 Summary: Hard fork to remove txid limit protocol rule Deployment: 99.99%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.4.9rc1
0.5.0rc1 - 0.5.8rc1
0.6.0rc1 - 0.6.5rc1
0.7.0rc1 - 0.7.3rc1
0.4.9rc2
0.5.8rc2
0.6.5rc2
0.7.3rc2
wxBitcoin
ALL
NONE
References
- BIP 0050
CVE-2013-4627
Date: 2013-06-?? Summary: Memory exhaustion with excess tx message data Fix Deployment: 99.9%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.4.9rc3
0.5.0rc1 - 0.5.8rc3
0.6.0rc1 - 0.6.5rc3
0.7.0rc1 - 0.7.3rc3
0.8.0rc1 - 0.8.3
0.4.9rc4
0.5.8rc4
0.6.5rc4
0.7.3rc4
0.8.4
wxBitcoin
ALL
NONE
References****CVE-2013-4165
Date: 2013-07-20 Summary: Timing leak in RPC authentication Fix Deployment: 99.9%
Affected
Fix
Bitcoin-Qt
bitcoind
* - 0.4.9rc3
0.5.0rc1 - 0.5.8rc3
0.6.0rc1 - 0.6.5rc3
0.7.0rc1 - 0.7.3rc3
0.8.0rc1 - 0.8.3
0.4.9rc4
0.5.8rc4
0.6.5rc4
0.7.3rc4
0.8.4rc1
wxBitcoin
ALL
NONE
References
- Bitcoin-Qt 0.8.4 release notes
- The initial bug report
CVE-2013-5700
Date: 2013-09-04 Summary: Remote p2p crash via bloom filters Fix Deployment: 99.9%
Affected
Fix
Bitcoin-Qt
bitcoind
0.8.0rc1 - 0.8.3
0.8.4rc1
References
- Bitcoin-Qt 0.8.4 release notes
- The fix
- An added test
CVE-2016-8889
Date: 2016-10-27 Summary: Debug console history storing sensitive info Fix Deployment: 100%
Affected
Fix
Bitcoin Knots GUI
0.11.0 - 0.13.0
0.13.1
References
- Bitcoin Knots 0.16.1.knots20161027 release notes
- US-CERT/NIST
CVE-2017-12842
Date: 2018-06-09 Summary: No commitment to block merkle tree depth
References
- Explanation by Sergio Demian Lerner
- Further elaboration by Suhas Daftuar
CVE-2017-18350
Date: 2019-06-22 Summary: Buffer overflow from SOCKS proxy
Affected
Fix
Bitcoin-Qt
bitcoind
0.7.0rc1 - 0.15.0
0.15.1rc1
References
- Disclosure of details
CVE-2018-17144
Date: 2018-09-17 Summary: Missing check for duplicate inputs Fix Deployment: 31%
Affected
Fix
Bitcoin-Qt
bitcoind
0.14.0rc1 - 0.14.2
0.15.0rc1 - 0.15.1
0.16.0rc1 - 0.16.2
0.14.3
0.15.2
0.16.3
References
- Full disclosure by Bitcoin Core
- Bitcoin Core 0.16.3 release notes
- Bitcoin Knots 0.16.3.knots20180918 release notes
- US-CERT/NIST
- Gentoo bug
CVE-2018-20586
Date: 2019-06-22 Summary: Debug log injection via unauthenticated RPC
Affected
Fix
Bitcoin-Qt
bitcoind
0.12.0rc1 - 0.17.0
0.17.1rc1
CVE-2020-14199
Date: 2020-06-03 Summary: Double-signing can enable unintended fees
Affected
Fix
Trezor One
1.9.1
Trezor Model T
2.3.1
???
References
- Disclosure of details by Trezor team
CVE-2020-26895
Date: 2020-10-08 Summary: Missing low-S normalization for HTLC signatures.
Affected
Fix
lnd
0.10.0
References
- CVE-2020-26895: LND Low-S Tx-Relay Standardness
- Full Disclosure: Full Disclosure: CVE-2020-26895 LND “Hodl my Shitsig”
CVE-2020-26896
Date: 2020-10-08 Summary: Invoice preimage extraction via forwarded HTLC.
Affected
Fix
lnd
0.11.0
References
- CVE-2020-26896: LND Invoice Preimage Extraction
- Full Disclosure: CVE-2020-26896 LND “The (un)covert channel”
CVE-2021-3401
Date: 2021-02-01 Summary: Qt5 remote execution
Affected
Fix
Bitcoin Core GUI
0.19.0
Bitcoin Knots GUI
0.18.1
CVE-2021-31876
Date: 2021-05-06
References
- Full Disclosure: CVE-2021-31876 Defect in Bitcoin Core’s bip125 logic
References
- URI Argument Injection Vulnerability in Bitcoin Core 0.18 and Earlier
Definitions
A critical vulnerability is one that will have disastrous consequences if it is exploited. A serious vulnerability is one that will have serious consequences if it is exploited[1].
See Also
- Changelog
- https://blog.bitmex.com/bitcoins-consensus-forks/
References
- ↑ http://bitcointalk.org/index.php?topic=88892.0
Bitcoin Core documentation
User documentation
Alert system • Bitcoin Core compatible devices • Data directory • Fallback Nodes • How to import private keys in Bitcoin Core 0.7+ • Installing Bitcoin Core • Running Bitcoin • Transaction fees • Vocabulary
Developer documentation
Accounts explained • API calls list • API reference (JSON-RPC) • Block chain download • Dump format • getblocktemplate • List of address prefixes • Protocol documentation • Script • Technical background of version 1 Bitcoin addresses • Testnet • Transaction Malleability • Wallet import format
History & theory
Common Vulnerabilities and Exposures • DOS/STONED incident • Economic majority • Full node • Original Bitcoin client • Value overflow incident
Related news
Red Hat strives to get better at what we do, faster at how we do it, while maintaining high quality results. In modern software development, that means focusing on security as early as possible into our software development process, and continuously driving improvements by listening and acting upon early feedback in the Secure Development Lifecycle (SDL). One important tool toward that goal is the Common Weakness Enumeration (CWE), a community-developed taxonomy of flaws. We use CWE classifications to gather intelligence and data to visualize clustering common weaknesses. We can then better
Organizations should update to the latest encryption (version 3.0.7) as soon as possible, but there's no need for Heartbleed-like panic, security experts say.
Punycode-related flaw fails the logo test
The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution. The issues, tracked as CVE-2022-3602 and CVE-2022-3786, have been described as buffer overrun vulnerabilities that can be triggered during X.509 certificate verification by supplying a specially-crafted email
Is the new Heartbleed or just a bleeding distraction?
Even if the security bug is not another Heartbleed, prepare like it might be, they note — it has potentially sprawling ramifications.
OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack.
paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request (e.g., within QR code data). On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename.
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Core 0.20.0 allows remote denial of service.
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.