CVE-2019-25220

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 18, 2024

CWE ID 770

Summary

CVE-2019-25220 is a denial-of-service vulnerability affecting Bitcoin Core versions prior to 24.0.1. A remote attacker can cause a daemon crash by flooding the node with a large number of low-difficulty header chains. Bitcoin Core nodes fail to verify the work commitment of the presented chain before storing it, making them vulnerable to a "Chain Width Expansion" attack. This issue can lead to a denial-of-service condition, potentially impacting the overall Bitcoin network performance.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

CORE

Affected Vendors

JET Charge Pty Ltd

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/0pKw9O
https://www.cve.org/CVERecord?id=CVE-2019-25220
https://nvd.nist.gov/vuln/detail/CVE-2019-25220

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Know What Matters

For Customers

For Partners