- A vulnerability in Bitcoin Core versions before 25.0 allows remote shutdown attacks on over 13% of nodes.
- Bitcoin Core version 25.0 fixes a critical flaw in handling ‘blocktxn’ messages, improving network security.
Recently, developers of Bitcoin exposed a serious software flaw compromising more than 13% of the nodes enforcing the network policies. Found as CVE-2024-35202, the issue affects nodes running Bitcoin Core versions past 25.0. According to Protos, remote shutdown attacks are a vulnerability of these nodes resulting from the way the program manages “blocktxn.”
Exploiting Conflicts in Compact Block Protocol to Crash Vulnerable Bitcoin Nodes
This weakness might let a hacker put a node into an incorrect state, hence bringing about a crash. The problem results from the compact block protocol, which uses abbreviated transaction IDs to cut bandwidth use.
Although the protocol offers efficiency, it gives hackers the opportunity to start conflicts, which causes nodes to demand a complete block that can lead to the failure of the system.
Niklas Gögge found and reported the vulnerability; he also took care to provide the fix for it. Released in May 2023, Bitcoin Core version 25.0 included this repair. Nevertheless, a good number of nodes have not upgraded even with this version released, so they remain open to possible attack.
Since the bug does not offer regular hackers any significant financial benefit, they are less likely to use it. Larger parties, like governments or businesses, trying to upset the Bitcoin network could, however, use it.
The vulnerability fits a larger trend of engineers finding major weaknesses in earlier Bitcoin Core iterations. Node operators have to manually download and apply fresh versions since the Bitcoin Core program does not update automatically. Nodes using obsolete software remain vulnerable to attacks that might shut them down remotely without these updates.
About 13.7% of Bitcoin nodes still carry danger right now. To guard against these and other vulnerabilities, developers highly advise node operators to upgrade to the most recent version of Bitcoin Core.
Bitcoin Core creators keep improving the security and stability of the system in a continuous attempt to guard the network. As we previously reported, Bitcoin Core version 28.0 was lately published to fix another flaw found in September.
Without sacrificing the functionality of the software, this upgrade adds further security layers, therefore enhancing user privacy and the general network resilience.
Meanwhile, the BTC price at the time of writing is about $62,804.68, a slight rise of 0.36% over the last 24 hours.
Recommended for you:
Source: https://www.crypto-news-flash.com/critical-bug-in-bitcoin-core-exposes-13-of-nodes-to-remote-shutdown/?utm_source=rss&utm_medium=rss&utm_campaign=critical-bug-in-bitcoin-core-exposes-13-of-nodes-to-remote-shutdown