Moderate severityNVD Advisory· Published Nov 25, 2020· Updated Aug 4, 2024
Denial of service in geth
CVE-2020-26242
Description
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.18, there is a Denial-of-service (crash) during block processing. This is fixed in 1.9.18.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/ethereum/go-ethereumGo | >= 1.9.16, < 1.9.18 | 1.9.18 |
github.com/holiman/uint256Go | >= 0.1.0, < 1.1.1 | 1.1.1 |
Affected products
3- ghsa-coords2 versions
>= 1.9.16, < 1.9.18+ 1 more
- (no CPE)range: >= 1.9.16, < 1.9.18
- (no CPE)range: >= 0.1.0, < 1.1.1
- Range: < 1.9.18
Patches
Vulnerability mechanics
References
9- github.com/advisories/GHSA-jm5c-rv3w-w83mghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-26242ghsaADVISORY
- blog.ethereum.org/2020/11/12/geth_security_releaseghsaWEB
- blog.ethereum.org/2020/11/12/geth_security_release/mitrex_refsource_MISC
- github.com/ethereum/go-ethereum/commit/7163a6664ee664df81b9028ab3ba13b9d65a7196ghsaWEB
- github.com/ethereum/go-ethereum/security/advisories/GHSA-jm5c-rv3w-w83mghsax_refsource_CONFIRMWEB
- github.com/holiman/uint256/commit/6785da6e3eea403260a5760029e722aa4ff1716dghsaWEB
- github.com/holiman/uint256/pull/80ghsaWEB
- pkg.go.dev/vuln/GO-2021-0103ghsaWEB
News mentions
0No linked articles in our index yet.