Moderate severityNVD Advisory· Published Oct 26, 2021· Updated Aug 4, 2024
DoS via maliciously crafted p2p message
CVE-2021-41173
Description
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/ethereum/go-ethereumGo | < 1.10.9 | 1.10.9 |
Affected products
2- Range: < 1.10.9
Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-59hh-656j-3p7vghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-41173ghsaADVISORY
- github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738ghsax_refsource_MISCWEB
- github.com/ethereum/go-ethereum/pull/23657/commits/f1fd963a5a965e643e52fcf805a2a02a323c32b8ghsaWEB
- github.com/ethereum/go-ethereum/pull/23801ghsax_refsource_MISCWEB
- github.com/ethereum/go-ethereum/releases/tag/v1.10.9ghsax_refsource_MISCWEB
- github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7vghsax_refsource_CONFIRMWEB
- pkg.go.dev/vuln/GO-2022-0256ghsaWEB
News mentions
0No linked articles in our index yet.