CVE-2021-43668
published 2021-11-18CVE-2021-43668: Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid…
PriorityP416medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
EPSS
0.25%
16.3th percentile
Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and arise a SEGV signal.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ethereum | go_ethereum | — | — |
| github.com | ethereum_go-ethereum | 0 – 1.10.9 | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:N/A:P
osv5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Denial of Service in Go-Ethereum
ghsa·2021-11-23
CVE-2021-43668 [MEDIUM] CWE-476 Denial of Service in Go-Ethereum
Denial of Service in Go-Ethereum
Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and arise a SEGV signal.
OSV
Denial of Service in Go-Ethereum
osv·2021-11-23
CVE-2021-43668 [MEDIUM] Denial of Service in Go-Ethereum
Denial of Service in Go-Ethereum
Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and arise a SEGV signal.
OSV
CVE-2021-43668: Go-Ethereum 1
osv·2021-11-18·CVSS 5.5
CVE-2021-43668 [MEDIUM] CVE-2021-43668: Go-Ethereum 1
Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and arise a SEGV signal.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-11-18
Published