Informed Crypto News
High severity bug in Bitcoin Core affects 17% of full nodes
Headline, high severity bug in Bitcoin Core affects 17% of full nodes, published at 11.01 AM, September 20, 2024 on Protos.com. Bitcoin Core developers have issued a new high severity warning about a software bug on one in every six Bitcoin nodes. On Thursday, workers at the open source Bitcoin Core project who maintain the software running on over 98% of reachable full nodes, disclose that there is a major security problem with the software running on 17% of the network. Specifically, all software prior to Bitcoin Core version 24.0.1 is at risk. This denial of service bug affects approximately 3330 of the 19,200 self-declared user agents of reachable Bitcoin full nodes, according to surveillance estimates from bit nodes. In pre-24.01 Bitcoin Core software, a malicious actor can spam nodes with low difficulty header chains. By forcing nodes to download and store extremely long chains of headers, the attack could crash the node by overwhelming bandwidth or storage on the device. Developers patched this bug in Bitcoin Core pull request PR number 25,717 and merged that into production on December 12, 2022 with the release of V24.0.1. The current version of Bitcoin Core node software now at 27.1 includes this and other bug fixes. Although quite serious, few known exploits of this bug exist on the public record. The bug has little financial benefit to the attacker as it's quite expensive to generate and broadcast header chains to execute the denial of service. Nevertheless, it is a security vulnerability that could be exploited by an extremely wealthy, powerful or sophisticated actor such as a nation who wanted to disrupt the operations of Bitcoin for non-financial or financially deferred reasons. Subheading. Why Bitcoin Core developers are disclosing this bug? As months have gone by, however, the Bitcoin Core project has disclosed bugs affecting more and more recent versions. Thursday's release describes significant risks to software versions 24 and prior, including software as recent as May 18, 2023. As a result, this transparency rollout by Bitcoin Core developers, which many observers initially dismissed as a historical curiosity, is quickly making a present-day impact. Unless Bitcoin node operators update their software, up to 17 percent of the network could be at risk of a denial of service attack. This recording was AI-generated. Get more crypto news at Protos.com.