CVE-2023-33297

CVSS V2 None CVSS V3 None

Description

Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023.

Overview

CVE ID
CVE-2023-33297

Assigner
cve@mitre.org

Vulnerability Status
Received

Published Version
2023-05-22T05:15:09

Last Modified Date
2023-05-22T05:15:09

References

Reference URL	Reference Tags
https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures
https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-24.1.md
https://github.com/bitcoin/bitcoin/issues/27586
https://github.com/bitcoin/bitcoin/issues/27623
https://github.com/bitcoin/bitcoin/pull/27610

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-33297
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33297

History

Created	Old Value	New Value	Data Type	Notes
2023-05-22 06:00:33				Added to TrackCVE