CVE-2018-17144 Information

Description

Bitcoin Core 0.14.x before 0.14.3 0.15.x before 0.15.2 and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://bitcoincore.org/en/2018/09/18/release-0.16.3/ https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_ExposuresCVE-2018-17144 https://github.com/bitcoin/bitcoin/blob/v0.16.3/doc/release-notes.md https://github.com/bitcoinknots/bitcoin/blob/v0.16.3.knots20180918/doc/release-notes.md https://github.com/JinBean/CVE-Extension

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5