Vulnerability-Lookup

CVE-2024-32972 (GCVE-0-2024-32972)

Vulnerability from cvelistv5 – Published: 2024-05-06 14:26 – Updated: 2024-08-02 02:27

Title

go-ethereum denial of service via malicious p2p message

Summary

go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version `1.13.15` and onwards.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

GitHub_M

References

URL

Tags

	https://github.com/ethereum/go-ethereum/security/…	x_refsource_CONFIRM
	https://github.com/ethereum/go-ethereum/compare/v…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	ethereum	go-ethereum	Affected: < 1.13.15

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ethereum:go_ethereum:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "go_ethereum",
            "vendor": "ethereum",
            "versions": [
              {
                "lessThan": "1.13.15",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-32972",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-09T19:07:59.118874Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:50:49.796Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T02:27:53.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652"
          },
          {
            "name": "https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "go-ethereum",
          "vendor": "ethereum",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.13.15"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version `1.13.15` and onwards."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-06T14:26:19.510Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652"
        },
        {
          "name": "https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15"
        }
      ],
      "source": {
        "advisory": "GHSA-4xc9-8hmq-j652",
        "discovery": "UNKNOWN"
      },
      "title": "go-ethereum denial of service via malicious p2p message"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-32972",
    "datePublished": "2024-05-06T14:26:19.510Z",
    "dateReserved": "2024-04-22T15:14:59.165Z",
    "dateUpdated": "2024-08-02T02:27:53.323Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652\", \"name\": \"https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15\", \"name\": \"https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T02:27:53.323Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-32972\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-09T19:07:59.118874Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ethereum:go_ethereum:-:*:*:*:*:*:*:*\"], \"vendor\": \"ethereum\", \"product\": \"go_ethereum\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.13.15\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-09T19:04:42.612Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"go-ethereum denial of service via malicious p2p message\", \"source\": {\"advisory\": \"GHSA-4xc9-8hmq-j652\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"ethereum\", \"product\": \"go-ethereum\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.13.15\"}]}], \"references\": [{\"url\": \"https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652\", \"name\": \"https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15\", \"name\": \"https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version `1.13.15` and onwards.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-05-06T14:26:19.510Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-32972\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-02T02:27:53.323Z\", \"dateReserved\": \"2024-04-22T15:14:59.165Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-05-06T14:26:19.510Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-4XC9-8HMQ-J652

Vulnerability from github – Published: 2024-05-06 14:20 – Updated: 2024-08-16 18:15

Summary

go-ethereum vulnerable to DoS via malicious p2p message

Details

Impact

A vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node.

In order to carry out the attack, the attacker establishes a peer connections to the victim, and sends a malicious GetBlockHeadersRequest message with a count of 0, using the ETH protocol.

In descendants := chain.GetHeadersFrom(num+count-1, count-1), the value of count-1 is passed to the function GetHeadersFrom(number, count uint64) as parameter count. Due to integer overflow, UINT64_MAX value is then passed as the count argument to function GetHeadersFrom(number, count uint64). This allows an attacker to bypass maxHeadersServe and request all headers from the latest block back to the genesis block.

Patches

The fix has been included in geth version 1.13.15 and onwards.

The vulnerability was patched in: https://github.com/ethereum/go-ethereum/pull/29534

Workarounds

No workarounds have been made public.

References

No more information is released at this time.

Credit

This issue was disclosed responsibly by DongHan Kim via the Ethereum bug bounty program. Thank you for your cooperation.

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/ethereum/go-ethereum"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.13.15"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-32972"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-06T14:20:40Z",
    "nvd_published_at": "2024-05-06T15:15:23Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nA vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node.\n\nIn order to carry out the attack, the attacker establishes a peer connections to the victim, and sends a malicious `GetBlockHeadersRequest` message with a `count` of  `0`, using the `ETH` protocol. \n\nIn `descendants := chain.GetHeadersFrom(num+count-1, count-1)`, the value of `count-1` is passed to the function `GetHeadersFrom(number, count uint64)` as parameter `count`. Due to integer overflow, `UINT64_MAX` value is then passed as the `count` argument to function `GetHeadersFrom(number, count uint64)`. This allows an attacker to bypass `maxHeadersServe` and request all headers from the latest block back to the genesis block. \n\n### Patches\n\nThe fix has been included in geth version `1.13.15` and onwards. \n\nThe vulnerability was patched in: https://github.com/ethereum/go-ethereum/pull/29534\n\n### Workarounds\n\nNo workarounds have been made public. \n\n### References\n\nNo more information is released at this time.\n\n### Credit\n\nThis issue was disclosed responsibly by DongHan Kim via the Ethereum bug bounty program. Thank you for your cooperation. ",
  "id": "GHSA-4xc9-8hmq-j652",
  "modified": "2024-08-16T18:15:47Z",
  "published": "2024-05-06T14:20:40Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32972"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-4xc9-8hmq-j652"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ethereum/go-ethereum"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "go-ethereum vulnerable to DoS via malicious p2p message"
}

FKIE_CVE-2024-32972

Vulnerability from fkie_nvd - Published: 2024-05-06 15:15 - Updated: 2024-11-21 09:16

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15
	security-advisories@github.com	https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version `1.13.15` and onwards."
    },
    {
      "lang": "es",
      "value": "go-ethereum (geth) es una implementaci\u00f3n de la capa de ejecuci\u00f3n golang del protocolo Ethereum. Antes de 13.01.15, se pod\u00eda hacer que un nodo vulnerable consumiera cantidades muy grandes de memoria al manejar mensajes p2p especialmente manipulados enviados desde un nodo atacante. La soluci\u00f3n se incluy\u00f3 en la versi\u00f3n geth `1.13.15` y posteriores."
    }
  ],
  "id": "CVE-2024-32972",
  "lastModified": "2024-11-21T09:16:08.450",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-06T15:15:23.130",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

GSD-2024-32972

Vulnerability from gsd - Updated: 2024-04-23 05:02

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-32972

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-32972"
      ],
      "id": "GSD-2024-32972",
      "modified": "2024-04-23T05:02:10.318245Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-32972",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-32972 (GCVE-0-2024-32972)

GHSA-4XC9-8HMQ-J652

Impact

Patches

Workarounds

References

Credit

FKIE_CVE-2024-32972

GSD-2024-32972

Tags

Sightings

Nomenclature