← voltar
CVE-2020-26240

Erroneous Proof of Work calculation in geth

CVSS 5.3 MEDIUMEPSS 1.6%CWE-682
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. An ethash mining DAG generation flaw in Geth before version 1.9.24 could cause miners to erroneously calculate PoW in an upcoming epoch (estimated early January, 2021). This happened on the ETC chain on 2020-11-06. This issue is relevant only for miners, non-mining nodes are unaffected. This issue is fixed as of 1.9.24
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Produtos afetados
ethereum · go-ethereum

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://blog.ethereum.org/2020/11/12/geth_security_release/https://github.com/ethereum/go-ethereum/commit/d990df909d7839640143344e79356754384dcdd0https://github.com/ethereum/go-ethereum/pull/21793https://github.com/ethereum/go-ethereum/security/advisories/GHSA-v592-xf75-856p