Description

Go-Ethereum v1.10.9 was discovered to contain an issue which allows attackers to cause a denial of service (DoS) via sending an excessive amount of messages to a node. This is caused by missing memory in the component /ethash/algorithm.go.

Related CPE's

a

ethereum

go_ethereum

1.10.9

Vulnerable

References

https://docs.google.com/document/d/1dYFSpNZPC0OV-n1mMqdc269u9yYU1XQy/edit?usp=sharing&ouid=112110745137218798745&rtpof=true&sd=true

ExploitThird Party Advisory

https://docs.google.com/document/d/1dYFSpNZPC0OV-n1mMqdc269u9yYU1XQy/edit?usp=sharing&ouid=112110745137218798745&rtpof=true&sd=true

ExploitThird Party Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-noinfo

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-03-16T23:15:07.813Z

4 years ago

Last modified

2024-11-21T05:27:25.247Z

1 year ago