CVE-2024-38365

Oct 12, 2024

Published Date: 2024-10-11T20:15:04.733
Last Modified: 2024-10-11T20:15:04.733

CVSS Score: 7.4 (HIGH)

EPSS Score: 0.04%

Risk Score: 5.18 (HIGH)

Risk Score based on CVSS score and EPSS. This score is for reference purposes and is not internationally recognized.


Description: btcd is an alternative full node bitcoin implementation written in Go (golang). The btcd Bitcoin client (versions 0.10 to 0.24) did not correctly re-implement Bitcoin Core's `FindAndDelete()` functionality. This logic is consensus-critical: the difference in behavior from other Bitcoin clients can lead to btcd clients accepting an invalid Bitcoin block (or rejecting a valid one). This consensus failure can be leveraged to cause a chain split (accepting an invalid Bitcoin block) or be exploited to DoS the btcd nodes (rejecting a valid Bitcoin block). An attacker can create a standard transaction where `FindAndDelete` doesn't return a match but `removeOpcodeByData` does, making btcd compute a different sighash and leading to a chain split. Importantly, this vulnerability can be exploited remotely by any Bitcoin user and does not require any hash power, because the difference in behavior can be triggered by a "standard" Bitcoin transaction, that is, a transaction which gets relayed through the P2P network before it gets included in a Bitcoin block. `removeOpcodeByData(script []byte, dataToRemove []byte)` removes any data push from `script` whose data contains `dataToRemove`, whereas `FindAndDelete` only removes exact matches. So, for example, with a `script` consisting of a push of exactly `data` followed by a longer push that merely contains `data`, and `dataToRemove = "data"`, btcd will remove both data pushes but Bitcoin Core's `FindAndDelete` only removes the first push. This has been patched in btcd version v0.24.2. Users are advised to upgrade. There are no known workarounds for this issue.
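The following Go program is an added illustration and is not code from btcd or Bitcoin Core. It models the two removal semantics the description contrasts on a deliberately simplified script format (direct data pushes only, opcodes 0x01..0x4b; OP_0, OP_PUSHDATA1/2/4 and non-push opcodes are out of scope), and runs a differential check over a constructed input: one push that is exactly `data` and a second, longer push that merely contains it. The function names `removeExact`, `removeContaining` and `divergence` are hypothetical; the point is the kind of differential test one would keep around for any consensus-critical routine that is re-implemented from a reference client.

```go
package main

import (
	"bytes"
	"fmt"
)

// maxDirectPush is the largest opcode that means "push the next N bytes".
// This toy model handles only these direct pushes (assumption, see lead-in).
const maxDirectPush = 0x4b

// push is one parsed element of a script: the opcode byte plus its payload.
type push struct {
	opcode byte
	data   []byte
}

// parsePushes splits a script into direct data pushes. It errors on a
// truncated push or on any opcode this simplified model does not handle.
func parsePushes(script []byte) ([]push, error) {
	var out []push
	for i := 0; i < len(script); {
		op := script[i]
		if op == 0 || op > maxDirectPush {
			return nil, fmt.Errorf("unsupported opcode 0x%02x at offset %d", op, i)
		}
		n := int(op)
		if i+1+n > len(script) {
			return nil, fmt.Errorf("truncated push at offset %d", i)
		}
		out = append(out, push{opcode: op, data: script[i+1 : i+1+n]})
		i += 1 + n
	}
	return out, nil
}

// serialize rebuilds a script from its pushes.
func serialize(pushes []push) []byte {
	var b bytes.Buffer
	for _, p := range pushes {
		b.WriteByte(p.opcode)
		b.Write(p.data)
	}
	return b.Bytes()
}

// pushData encodes data as a single direct push.
func pushData(data []byte) []byte {
	if len(data) == 0 || len(data) > maxDirectPush {
		panic("pushData: length not representable as a direct push in this model")
	}
	return append([]byte{byte(len(data))}, data...)
}

// removeExact models the exact-match semantics the advisory attributes to
// Bitcoin Core's FindAndDelete: a push is dropped only if its data equals
// dataToRemove byte for byte.
func removeExact(script, dataToRemove []byte) ([]byte, error) {
	pushes, err := parsePushes(script)
	if err != nil {
		return nil, err
	}
	var kept []push
	for _, p := range pushes {
		if !bytes.Equal(p.data, dataToRemove) {
			kept = append(kept, p)
		}
	}
	return serialize(kept), nil
}

// removeContaining models the pre-v0.24.2 btcd behaviour the advisory
// describes: a push is dropped whenever its data merely contains dataToRemove.
func removeContaining(script, dataToRemove []byte) ([]byte, error) {
	pushes, err := parsePushes(script)
	if err != nil {
		return nil, err
	}
	var kept []push
	for _, p := range pushes {
		if !bytes.Contains(p.data, dataToRemove) {
			kept = append(kept, p)
		}
	}
	return serialize(kept), nil
}

// divergence reports whether the two semantics disagree on an input. Any
// disagreement here means the two clients would hash different scripts and
// therefore compute different sighashes for the same transaction.
func divergence(script, dataToRemove []byte) (bool, error) {
	a, err := removeExact(script, dataToRemove)
	if err != nil {
		return false, err
	}
	b, err := removeContaining(script, dataToRemove)
	if err != nil {
		return false, err
	}
	return !bytes.Equal(a, b), nil
}

func main() {
	// Constructed input: exactly "data", then a longer push containing "data".
	script := append(pushData([]byte("data")), pushData([]byte("data||data"))...)
	exact, _ := removeExact(script, []byte("data"))
	contain, _ := removeContaining(script, []byte("data"))
	fmt.Printf("exact-match result: %x\n", exact)
	fmt.Printf("containment result: %x\n", contain)
	d, _ := divergence(script, []byte("data"))
	fmt.Println("semantics diverge:", d)
}
```

On the constructed input the exact-match variant keeps the longer push while the containment variant empties the script, which is the divergence the description refers to; on a script whose only push equals `dataToRemove`, both variants agree. A differential harness like this, fed with a corpus of real and fuzzed scripts, is the cheapest way to catch a consensus drift before it reaches a network.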

MITRE ATT&CK Techniques v15.1

T1053.002 – At

Technical Analysis & Mitigation Measures

1. Technical Attack Analysis:
– Attack Techniques:
– Chain Split: Exploiting the discrepancy in the implementation of the “FindAndDelete()” functionality can lead to the acceptance of invalid blocks by btcd clients. This can result in a chain split, where the btcd network diverges from the Bitcoin Core network, creating two separate blockchains.
– Denial of Service (DoS): The vulnerability can also be utilized to cause denial of service for btcd nodes by forcing them to reject valid transactions, disrupting normal operations and potentially leading to a loss of trust in the network.
– Remote Exploitation: The vulnerability can be triggered by any Bitcoin user remotely, making it accessible and exploitable without the need for a significant investment in resources such as hash power.
– Consensus Failure: Since the vulnerability affects consensus-critical functionality, it can undermine the integrity of the entire network, leading to discrepancies in transaction confirmations and block validity.

2. Mitigation Measures:
– Upgrade to btcd version v0.24.2 or later.
– Implement monitoring for unusual transaction patterns that may indicate exploitation attempts.
– Educate users about the importance of using the latest software versions.
– Consider using Bitcoin Core or other supported implementations for critical operations.
– Conduct regular security audits and code reviews of the software.
– Establish incident response protocols for handling potential exploitation of this vulnerability.

The content above is generated by AI. Please review and consider carefully before applying!

Reference Links

Vendor - Product - Version

None

Disclaimer

The content on this website is automatically sourced from external websites such as the National Vulnerability Database (NVD), GitHub, and other security-related sources. This content is for reference purposes only, and we are not responsible for the accuracy or integrity of the information linked or displayed from these sources.