[bitcoin-dev] CVE-2018-17145: Bitcoin Inventory Out-of-Memory Denial-of-Service Attack

Braydon Fuller braydon at purse.io
Wed Sep 9 13:28:38 UTC 2020


Hi everyone:

We would like to share a paper and website for CVE-2018-17145 that was
found in mid-2018.

There was an easily exploitable uncontrolled memory resource consumption
denial-of-service vulnerability that existed in the peer-to-peer network
code of three implementations of Bitcoin and several alternative chains.

For more details please see:
https://invdos.net/

For the paper:
https://invdos.net/paper/CVE-2018-17145.pdf

Best,
Braydon Fuller




More information about the bitcoin-dev mailing list