CVE-2021-43668

Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and arise a SEGV signal.
References
Link Resource
https://github.com/ethereum/go-ethereum/issues/23866 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:ethereum:go_ethereum:1.10.9:*:*:*:*:*:*:*

History

23 Nov 2021, 17:06

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 2.1
v3 : 5.5
CPE cpe:2.3:a:ethereum:go_ethereum:1.10.9:*:*:*:*:*:*:*
References (MISC) https://github.com/ethereum/go-ethereum/issues/23866 - (MISC) https://github.com/ethereum/go-ethereum/issues/23866 - Third Party Advisory
CWE CWE-476

18 Nov 2021, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-11-18 16:15

Updated : 2021-11-23 17:06


NVD link : CVE-2021-43668

Mitre link : CVE-2021-43668


JSON object : View

Products Affected

ethereum

  • go_ethereum
CWE
CWE-476

NULL Pointer Dereference