Bug of CVE-2024-32972 in rawdb/accessors_chain.go #5
Comments
|
😍
…On Fri, Oct 18, 2024, 12:56 PM 0XFOGBOT ***@***.***> wrote:
Hello. We are utilizing some automated tools to detect potential known
issues.
We noticed that there is a known problem/bug in core/rawdb/accessors_chain.go
at line 337. According to GHSA-4xc9-8hmq-j652
<https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652>,
a vulnerable node can be made to consume very large amounts of memory when
handling specially crafted p2p messages sent from an attacker node. To fix
it, please consider
https://github.com/ethereum/go-ethereum/pull/29534/files.
—
Reply to this email directly, view it on GitHub
<#5>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/BDSUPXU2QWBTAFVIYERLQJ3Z4CWK5AVCNFSM6AAAAABQFI3P5OVHI2DSMVQWIX3LMV43ASLTON2WKOZSGU4TMNRRGQ2DCMA>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello. We are utilizing some automated tools to detect potential known issues.
We noticed that there is a known problem/bug in
core/rawdb/accessors_chain.go at line 337. According to GHSA-4xc9-8hmq-j652, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. To fix it, please consider https://github.com/ethereum/go-ethereum/pull/29534/files.The text was updated successfully, but these errors were encountered: