EXECUTIVE SUMMARY:
CVE-2024-52911, with a CVSS score of 7.5, is a use-after-free vulnerability in Bitcoin Core affecting versions 0.14.0 and later, including the latest version, 29.0. The flaw lies in the way Bitcoin Core validates transactions in parallel, using objects called CScriptCheck to speed up the process. These objects rely on pre-calculated information stored in PrecomputedTransactionData. Because of a C++ memory-management error (the checks hold a pointer to the precomputed data, and the destruction order allows that data to be destroyed while background threads are still active), the threads read freed memory and the node crashes. An attacker capable of mining a block with sufficient proof-of-work could exploit this vulnerability to crash victim nodes, posing a high risk to network stability and potentially targeting specific exchanges and mining pools. While the primary threat is denial of service, the vulnerability could in theory lead to Remote Code Execution, although strict constraints on block data make such an outcome unlikely.
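The destruction-order hazard described above, as an added illustration that is not Bitcoin Core's code and does not reproduce its fix: the hypothetical PrecomputedData, ScriptCheck and validate_parallel stand in for the real objects, and shared ownership is shown as one mitigation for this bug class, so the precomputed data cannot be freed while a background check still references it.

```cpp
#include <atomic>
#include <cstddef>
#include <cstdint>
#include <memory>
#include <thread>
#include <vector>

// Stand-in for PrecomputedTransactionData: values computed once, read by many checks.
struct PrecomputedData {
    std::vector<uint64_t> values;
    std::atomic<int>* freed = nullptr;  // set to 1 by the destructor so callers can see when it ran
    explicit PrecomputedData(std::size_t n) : values(n) {
        for (std::size_t i = 0; i < n; ++i) values[i] = i * 2654435761ULL;  // constructed sample data
    }
    ~PrecomputedData() { if (freed) freed->store(1); }
};

// Stand-in for CScriptCheck. The hazard on the page is a plain pointer whose owner is
// destroyed first; a shared_ptr ties the data's lifetime to the last check using it.
struct ScriptCheck {
    std::shared_ptr<const PrecomputedData> data;
    std::size_t index;
    bool operator()() const { return data->values[index] == index * 2654435761ULL; }
};

struct ValidationResult {
    int passed = 0;
    bool freed_before_join = false;   // true would mean workers could read freed memory
    bool freed_after_release = false; // data must still go away once no check needs it
};

// Runs n_checks checks on background threads while the caller drops its own handle to
// the precomputed data early, mirroring the destruction order the page describes.
ValidationResult validate_parallel(std::size_t n_checks) {
    ValidationResult r;
    std::atomic<int> freed{0}, passed{0};
    auto data = std::make_shared<PrecomputedData>(n_checks);
    data->freed = &freed;
    std::vector<ScriptCheck> checks;
    for (std::size_t i = 0; i < n_checks; ++i) checks.push_back({data, i});
    std::vector<std::thread> workers;
    for (const ScriptCheck& c : checks)
        workers.emplace_back([&c, &passed] { if (c()) passed.fetch_add(1); });
    data.reset();                              // owner's handle is gone; workers may still run
    r.freed_before_join = freed.load() != 0;   // stays false: every check co-owns the data
    for (std::thread& t : workers) t.join();
    checks.clear();                            // last owners released only after all joins
    r.freed_after_release = freed.load() != 0;
    r.passed = passed.load();
    return r;
}
```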
RECOMMENDATION:
REFERENCES:
The following reports contain further technical details:
https://securityonline.info/bitcoin-core-cve-2024-52911-use-after-free-node-crash-fix/