Btcd
CVE-2024-38365
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
btcd is an alternative full node bitcoin implementation written in Go (golang). The btcd Bitcoin client (versions 0.10 to 0.24) did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can lead to btcd clients accepting an invalid Bitcoin block (or rejecting a valid one). This consensus failure can be leveraged to cause a chain split (accepting an invalid Bitcoin block) or be exploited to DoS the btcd nodes (rejecting a valid Bitcoin block). An attacker can create a standard transaction where FindAndDelete doesn't return a match but removeOpCodeByData does making btcd get a different sighash, leading to a chain split. Importantly, this vulnerability can be exploited remotely by any Bitcoin user and does not require any hash power. This is because the difference in behavior can be triggered by a "standard" Bitcoin transaction, that is a transaction which gets relayed through the P2P network before it gets included in a Bitcoin block. removeOpcodeByData(script []byte, dataToRemove []byte) removes any data pushes from script that contain dataToRemove. However, FindAndDelete only removes exact matches. So for example, with script = "<data> <data||foo>" and dataToRemove = "data" btcd will remove both data pushes but Bitcoin Core's FindAndDelete only removes the first <data> push. This has been patched in btcd version v0.24.2. Users are advised to upgrade. There are no known workarounds for this issue.
AnalysisAI
btcd is an alternative full node bitcoin implementation written in Go (golang). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-670. btcd is an alternative full node bitcoin implementation written in Go (golang). The btcd Bitcoin client (versions 0.10 to 0.24) did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can lead to btcd clients accepting an invalid Bitcoin block (or rejecting a valid one). This consensus failure can be leveraged to cause a chain split (accepting an invalid Bitcoin block) or be exploited to DoS the btcd nodes (rejecting a valid Bitcoin block). An attacker can create a standard transaction where FindAndDelete doesn't return a match but removeOpCodeByData does making btcd get a different sighash, leading to a chain split. Importantly, this vulnerability can be exploited remotely by any Bitcoin user and does not require any hash power. This is because the difference in behavior can be triggered by a "standard" Bitcoin transaction, that is a transaction which gets relayed through the P2P network before it gets included in a Bitcoin block. removeOpcodeByData(script []byte, dataToRemove []byte) removes any data pushes from script that contain dataToRemove. However, FindAndDelete only removes exact matches. So for example, with script = "<data> <data||foo>" and dataToRemove = "data" btcd will remove both data pushes but Bitcoin Core's FindAndDelete only removes the first <data> push. This has been patched in btcd version v0.24.2. Users are advised to upgrade. There are no known workarounds for this issue. Affected products include: Btcd Project Btcd.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witn
Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. Rated medium severity (
btcd before 0.24.0 does not correctly implement the consensus rules outlined in BIP 68 and BIP 112, making it susceptibl
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today