Vulnerability Description
Bitcoin Core through 27.2 allows transaction-relay jamming via an off-chain protocol attack, a related issue to CVE-2024-52913. For example, the outcome of an HTLC (Hashed Timelock Contract) can be changed because a flood of transaction traffic prevents propagation of certain Lightning channel transactions.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitcoin | Bitcoin Core | <= 27.2 |
Related Weaknesses (CWE)
References
- https://ariard.github.ioThird Party Advisory
- https://bitcoincore.orgProduct
- https://delvingbitcoin.org/t/full-disclosure-transaction-relay-throughput-overflIssue Tracking
- https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_ExposuresThird Party Advisory
- https://gnusha.org/pi/bitcoindev/CALZpt+EptER=p+P7VN3QAb9n=dODA9_LnR9xZwWpRsdAweMailing List
FAQ
What is CVE-2024-55563?
CVE-2024-55563 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Bitcoin Core through 27.2 allows transaction-relay jamming via an off-chain protocol attack, a related issue to CVE-2024-52913. For example, the outcome of an HTLC (Hashed Timelock Contract) can be ch...
How severe is CVE-2024-55563?
CVE-2024-55563 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-55563?
Check the references section above for vendor advisories and patch information. Affected products include: Bitcoin Bitcoin Core.