CVE-2018-17144
published 2018-09-19

Priority: P339
Severity: high (7.5, CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ITW: Exploited in the wild
EPSS: 6.75% (93.2nd percentile)
Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash.

Affected (5 ranges)

Vendor         Product        Version range                     Fixed in
bitcoin        bitcoin_core   >= 0.14.0 < 0.14.3                0.14.3
bitcoin        bitcoin_core   >= 0.15.0 < 0.15.2                0.15.2
bitcoin        bitcoin_core   >= 0.16.0 < 0.16.3                0.16.3
bitcoinknots   bitcoin_knots  >= 0.14.0 < 0.16.3                0.16.3
debian         litecoin       < litecoin 0.16.3-1 (bookworm)    litecoin 0.16.3-1 (bookworm)

Detection & IOCs (extracted from sources)

version: Bitcoin Core 0.14.x before 0.14.3
version: Bitcoin Core 0.15.x before 0.15.2
version: Bitcoin Core 0.16.x before 0.16.3
hash: b8f8019
hash: eecffe5
hash: 5083079
hash: 3533fb4
  • The vulnerability is exploitable by miners crafting a transaction that double spends (duplicate input), causing a DoS crash of any node that receives a mined block containing such a transaction.
  • The vulnerability is classified as a reachable assertion weakness (CWE-617); monitor for unexpected assertion failures or crashes in bitcoind/Bitcoin-Qt processes triggered by block processing.
  • An attacker can make bitcoind or Bitcoin-Qt crash; monitor for abnormal process termination of these processes as an indicator of exploitation.
  • Identify Bitcoin/altcoin nodes running versions prior to the fixed releases (Bitcoin Core 0.14.3, 0.15.2, 0.16.3) as vulnerable targets; patch adoption was only 31.65% of all nodes after a full year from disclosure.
  • The vulnerability is exploitable only by miners (block producers), as the malicious duplicate-input transaction must be included in a mined block to crash receiving nodes.
  • The vulnerability was present since 2017 but patched only in 2019 across the broader ecosystem; many Bitcoin clone projects may still be unpatched.
  • CVE-2018-17144 has been extended to cover 384 additional cryptocurrency projects; detection scope should include Bitcoin clones, not just Bitcoin Core and Bitcoin Knots.

CVSS provenance

Source          Version  Score  Severity  Vector
nvd             v3.1     7.5    HIGH      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd             v2.0     5.0    MEDIUM    AV:N/AC:L/Au:N/C:N/I:N/A:P
osv                      7.5    HIGH
vendor_debian            7.5    HIGH