Vulnerability Description
The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows attackers to launch a Denial of Service attack by sending a packet with a -1 query.Skip value. The vulnerable remote node would be crashed by such an attack immediately, aka the EPoD (Ethereum Packet of Death) issue.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ethereum | Go Ethereum | < 1.8.11 |
Related Weaknesses (CWE)
References
- https://github.com/ethereum/go-ethereum/commit/a5237a27eaf81946a3edb4fafe13ed635PatchThird Party Advisory
- https://github.com/ethereum/go-ethereum/pull/16891Issue TrackingPatchThird Party Advisory
- https://github.com/ethereum/go-ethereum/releases/tag/v1.8.11Third Party Advisory
- https://peckshield.com/2018/06/27/EPoD/ExploitThird Party Advisory
- https://github.com/ethereum/go-ethereum/commit/a5237a27eaf81946a3edb4fafe13ed635PatchThird Party Advisory
- https://github.com/ethereum/go-ethereum/pull/16891Issue TrackingPatchThird Party Advisory
- https://github.com/ethereum/go-ethereum/releases/tag/v1.8.11Third Party Advisory
- https://peckshield.com/2018/06/27/EPoD/ExploitThird Party Advisory
FAQ
What is CVE-2018-12018?
CVE-2018-12018 is a vulnerability with a CVSS score of 7.5 (HIGH). The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, wh...
How severe is CVE-2018-12018?
CVE-2018-12018 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-12018?
Check the references section above for vendor advisories and patch information. Affected products include: Ethereum Go Ethereum.