CVE-2018-19184NULL Pointer Dereference in Ethereum Go-ethereum

CWE-476NULL Pointer Dereference6 documents5 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 37.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Github.com Ethereum Go-ethereumEthereum GO Ethereum
Timeline
PublishedNov 12
Latest updateAug 21

Description

cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to cause a denial of service (SEGV) via crafted bytecode.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

🔴Vulnerability Details

4
OSV
Go Ethereum Denial of Service in github.com/ethereum/go-ethereum2024-08-21
OSV
Go Ethereum Denial of Service2021-06-29
GHSA
Go Ethereum Denial of Service2021-06-29
CVEList
CVE-2018-19184: cmd/evm/runner2018-11-12

📄Research Papers

1
arXiv
A Survey of DeFi Security: Challenges and Opportunities2022-10-25
CVE-2018-19184 — NULL Pointer Dereference | cvebase