Impact
A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node.
Details
The p2p handler spawned a new goroutine to respond to ping requests. By flooding a node with ping requests, an unbounded number of goroutines can be created, leading to resource exhaustion and potentially crash due to OOM.
Patches
The fix is included in geth version 1.12.1-stable, i.e, 1.12.2-unstable and onwards.
Fixed by #27887
Workarounds
No known workarounds.
Credits
This bug was reported by Patrick McHardy and reported via bounty@ethereum.org.
References
Impact
A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node.
Details
The p2p handler spawned a new goroutine to respond to
pingrequests. By flooding a node with ping requests, an unbounded number of goroutines can be created, leading to resource exhaustion and potentially crash due to OOM.Patches
The fix is included in geth version
1.12.1-stable, i.e,1.12.2-unstableand onwards.Fixed by #27887
Workarounds
No known workarounds.
Credits
This bug was reported by Patrick McHardy and reported via bounty@ethereum.org.
References