Security Alert – Geth suffers from a very low probable DoS attack vector – Update immediately

Affected configurations: All Go client versions 

Likelihood: Very low

Severity: High

Details: A bug in Geth (and potentially other clients) may suffer from a DoS attack and allows remote attackers to stall synchronisation process almost indefinitely by supplying a valid, lighter chain. More information will be given out a later time including the report that was submitted through the bug bounty program.

Effects on expected chain reorganisation depth: None

Proposed temporary workaround: None

Remedial action taken by Ethereum: Provision of hotfixes as below:

If you’re using Mist: download the updated binary from the release page

If using the PPA: sudo apt-get update then sudo apt-get upgrade

If using brew: brew update then brew reinstall ethereum

If using a windows binary: download the updated binary from the release page

If you are building from source: git pull followed by make geth (please use the Master branch 94ad694a26ca3f7776ec8240802596755e5d5c0a)

Source link

Leave a comment

Your email address will not be published. Required fields are marked *

  • bitcoinBitcoin (BTC) $ 65,346.00
  • tetherTether (USDT) $ 0.999829
  • xrpXRP (XRP) $ 0.612383
  • staked-etherLido Staked Ether (STETH) $ 3,496.13
  • usd-coinUSDC (USDC) $ 1.00
  • dogecoinDogecoin (DOGE) $ 0.125853
  • leo-tokenLEO Token (LEO) $ 5.84