Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum (Geth) could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Further details about the vulnerability will be disclosed at a later date. A patch is included in the upcoming `v1.10.8` release. No workaround are available.
No PoCs from references.
- https://github.com/ARPSyndicate/cvemon
- https://github.com/akircanski/coinbugs
- https://github.com/alan-eth/eth-p2p-version-milestones
- https://github.com/blocksecteam/blocksec_academy
- https://github.com/demining/Solidity-Forcibly-Send-Ether-Vulnerability
- https://github.com/gnc-project/galaxynetwork
- https://github.com/smolgroot/rpc-fingerprint