Zebra CVE-2026-52736
HIGHSeverity by source
Remote unauthenticated over P2P (AV:N/PR:N/UI:N); winning the propagation race makes it AC:H; impact is availability-only node stall (A:H, C/I:N), no scope change.
Lifecycle Timeline
1DescriptionCVE.org
Description
Am I affected
You are affected if:
- You run any version of
zebradup to and includingv4.4.1. - Your node accepts inbound P2P connections (
network.listen_addris set, which is the default). - Your node processes blocks past the checkpoint height (non-finalized state is active).
All default configurations are affected.
Summary
Zebra records a block hash in non_finalized_block_write_sent_hashes when the block is sent to the write task, before contextual validation completes. If validation fails, the hash is not removed. A remote unauthenticated peer can deliver a poisoned block body that shares a header hash with a later valid canonical block. The poisoned body is rejected, but the hash remains cached. When the valid canonical block arrives, Zebra treats it as a duplicate and rejects it. The node cannot advance past that height until restart or a reorg event.
Details
ZIP-244 defines txid_v5 without binding transparent input scriptSig, which lives in auth_digest and is committed to by hashBlockCommitments in the block header. Because merkle_root is computed over txids (not auth digests), and the block hash is computed over the header, an attacker can construct two blocks with identical header hashes but different transaction bodies by mutating the coinbase scriptSig.
The attack flow over P2P:
- Attacker observes a new block header (from any peer).
- Attacker constructs a poisoned body by flipping a byte of the coinbase scriptSig extra-data section. The block hash is unchanged.
- Attacker advertises the block hash via
invto the target node. - Target requests the block via
getdata; attacker serves the poisoned body. - Zebra adds the hash to
non_finalized_block_write_sent_hashesbefore validation. - The write task rejects the body at
block_commitment_is_valid_for_chain_history(auth_data_root mismatch). - The hash is not removed from
non_finalized_block_write_sent_hashes. - When the valid canonical block arrives (from honest peers or RPC),
queue_and_commit_to_non_finalized_statesees the hash in the cache and returnsKnownBlock::WriteChannelduplicate. - The node is stuck at height N-1.
A secondary variant exists where chain pruning (via MAX_NON_FINALIZED_CHAIN_FORKS) removes a chain from chain_set but leaves its block hashes in non_finalized_block_write_sent_hashes, producing the same lockout for children of the pruned fork.
Patches
Patched in Zebra 4.4.2. The fix removes stale entries from non_finalized_block_write_sent_hashes on every failed non-finalized write path.
Workarounds
There is no complete configuration-level workaround. Reducing the node's inbound peer count (network.peerset_initial_target_size) narrows the attack surface but does not eliminate it. Restarting the node clears the in-memory cache and allows the valid block to be re-fetched.
Impact
A remote unauthenticated P2P peer can permanently stall a targeted Zebra node at a specific block height. The node diverges from the network tip; downstream consumers (lightwalletd, wallets, explorers, mining infrastructure) relying on the node see a stalled chain. The attack requires winning a propagation race: delivering the poisoned block body before honest peers deliver the canonical block. A well-positioned attacker (low-latency connection to the target, observation of new blocks from other peers) can reliably win this race. In sustained form, the attacker repeats for each new block, keeping the target permanently behind.
Recovery requires restarting the node (which clears the in-memory sent-hash cache) or waiting for a reorg at the affected height (rare on the canonical chain).
Credit
Reported independently by @ipwning (primary, with ZIP-244 malleability analysis and zcashd cross-reference) and @x15-eth (first reporter, with E2E reproduction and control experiment).
AnalysisAI
Remote denial-of-service in Zebra (zebrad ≤ v4.4.1), the Zcash Foundation's Rust node, lets an unauthenticated P2P peer permanently stall a targeted node at a chosen block height. By exploiting ZIP-244 transaction malleability, an attacker crafts a poisoned block body sharing the same header hash as a valid canonical block; Zebra caches the hash before validation and never evicts it on failure, so the legitimate block is later rejected as a duplicate. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires that the target runs zebrad ≤ v4.4.1 with inbound P2P connections enabled (`network.listen_addr` set - the default) and is operating in non-finalized state (processing blocks past the checkpoint height). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | No CVSS was supplied by the source, so severity signals must be inferred. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker maintaining a low-latency connection to a target Zebra node observes a freshly announced block header from the gossip network, flips a byte in the coinbase scriptSig extra-data to build a same-hash poisoned body, and advertises the hash via `inv`. When the target issues `getdata`, the attacker serves the poisoned body faster than honest peers deliver the real block, poisoning the sent-hash cache so the canonical block is later rejected as a duplicate and the node freezes at height N-1. … |
| Remediation | Primary fix: upgrade to Zebra 4.4.2, which removes stale entries from `non_finalized_block_write_sent_hashes` on every failed non-finalized write path (Vendor-released patch: Zebra 4.4.2). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
24 hours: Inventory all Zebra node instances in production; document versions and assess operational impact if individual nodes become unavailable. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Checkpoint
View allbackend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to e
The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data
PyTorch is a Python package that provides tensor computation. [CVSS 8.8 HIGH]
Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. Rated high sever
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the inte
Remote code execution in PyTorch Lightning through 2.6.5 allows an attacker who can get a victim to load a malicious che
Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH lo
A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security clien
Multiple unspecified vulnerabilities in Check Point Security Gateway 80 R71.x before R71.45 (730159141) and R75.20.x bef
Arbitrary code execution via torch-checkpoint-shrink.py script in ml-engineering project allows remote attackers to exec
Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without us
Arbitrary code execution in Snorkel machine learning library (≤v0.10.0) occurs when users load malicious model checkpoin
Same weakness CWE-459 – Incomplete Cleanup
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-4m69-67m6-prqp