cvelistv5 - cve-2021-41173

CVE-2021-41173 (GCVE-0-2021-41173)

Vulnerability from cvelistv5 – Published: 2021-10-26 14:05 – Updated: 2024-08-04 02:59

Summary

Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading.

Severity ?

5.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

CWE

CWE-20 - Improper Input Validation

Assigner

GitHub_M

References

URL

Tags

	https://github.com/ethereum/go-ethereum/security/…	x_refsource_CONFIRM
	https://github.com/ethereum/go-ethereum/pull/23801	x_refsource_MISC
	https://github.com/ethereum/go-ethereum/commit/e4…	x_refsource_MISC
	https://github.com/ethereum/go-ethereum/releases/…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	ethereum	go-ethereum	Affected: < 1.10.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:59:31.575Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ethereum/go-ethereum/pull/23801"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "go-ethereum",
          "vendor": "ethereum",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.10.9"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-26T14:05:12",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ethereum/go-ethereum/pull/23801"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9"
        }
      ],
      "source": {
        "advisory": "GHSA-59hh-656j-3p7v",
        "discovery": "UNKNOWN"
      },
      "title": "DoS via maliciously crafted p2p message ",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-41173",
          "STATE": "PUBLIC",
          "TITLE": "DoS via maliciously crafted p2p message "
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "go-ethereum",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 1.10.9"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ethereum"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20: Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v",
              "refsource": "CONFIRM",
              "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v"
            },
            {
              "name": "https://github.com/ethereum/go-ethereum/pull/23801",
              "refsource": "MISC",
              "url": "https://github.com/ethereum/go-ethereum/pull/23801"
            },
            {
              "name": "https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738",
              "refsource": "MISC",
              "url": "https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738"
            },
            {
              "name": "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9",
              "refsource": "MISC",
              "url": "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-59hh-656j-3p7v",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-41173",
    "datePublished": "2021-10-26T14:05:12",
    "dateReserved": "2021-09-15T00:00:00",
    "dateUpdated": "2024-08-04T02:59:31.575Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ethereum:go_ethereum:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.10.9\", \"matchCriteriaId\": \"DA383AD6-A083-453C-BED8-C2C8BCCDEEDE\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading.\"}, {\"lang\": \"es\", \"value\": \"Go Ethereum es la implementaci\\u00f3n oficial en Golang del protocolo Ethereum. En versiones anteriores a 1.10.9, un nodo vulnerable es susceptible de bloquearse cuando procesa un mensaje maliciosamente dise\\u00f1ado de un compa\\u00f1ero. La versi\\u00f3n v1.10.9 contiene parches para la vulnerabilidad. No se conocen soluciones aparte de la actualizaci\\u00f3n\"}]",
      "id": "CVE-2021-41173",
      "lastModified": "2024-11-21T06:25:40.247",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H\", \"baseScore\": 5.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.1, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:N/I:N/A:P\", \"baseScore\": 3.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 6.8, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2021-10-26T14:15:08.130",
      "references": "[{\"url\": \"https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ethereum/go-ethereum/pull/23801\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ethereum/go-ethereum/pull/23801\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-41173\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2021-10-26T14:15:08.130\",\"lastModified\":\"2024-11-21T06:25:40.247\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading.\"},{\"lang\":\"es\",\"value\":\"Go Ethereum es la implementaci\u00f3n oficial en Golang del protocolo Ethereum. En versiones anteriores a 1.10.9, un nodo vulnerable es susceptible de bloquearse cuando procesa un mensaje maliciosamente dise\u00f1ado de un compa\u00f1ero. La versi\u00f3n v1.10.9 contiene parches para la vulnerabilidad. No se conocen soluciones aparte de la actualizaci\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":5.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.1,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:N/I:N/A:P\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ethereum:go_ethereum:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.10.9\",\"matchCriteriaId\":\"DA383AD6-A083-453C-BED8-C2C8BCCDEEDE\"}]}]}],\"references\":[{\"url\":\"https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ethereum/go-ethereum/pull/23801\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ethereum/go-ethereum/pull/23801\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

GHSA-59HH-656J-3P7V

Vulnerability from github – Published: 2021-10-25 19:42 – Updated: 2023-08-29 18:55

Summary

Geth Node Vulnerable to DoS via maliciously crafted p2p message

Details

Impact

A vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer, via the snap/1 protocol. The crash can be triggered by sending a malicious snap/1 GetTrieNodes package.

Details

On September 21, 2021, geth-team member Gary Rong (@rjl493456442) found a way to crash the snap request handler . By using this vulnerability, a peer connected on the snap/1 protocol could cause a vulnerable node to crash with a panic.

In the trie.TryGetNode implementation, if the requested path is reached, the associated node will be returned. However the nilness is not checked there.

func (t *Trie) tryGetNode(origNode node, path []byte, pos int) (item []byte, newnode node, resolved int, err error) {
    // If we reached the requested path, return the current node
    if pos >= len(path) {
        // Although we most probably have the original node expanded, encoding
        // that into consensus form can be nasty (needs to cascade down) and
        // time consuming. Instead, just pull the hash up from disk directly.
        var hash hashNode
        if node, ok := origNode.(hashNode); ok {
            hash = node
        } else {
            hash, _ = origNode.cache()
        }

More specifically the origNode can be nil(e.g. the child of fullnode) and system can panic at line hash, _ = origNode.cache().

When investigating this, @holiman tried to find it via fuzzing, which uncovered a second crasher, also related to the snap GetTrieNodes package. If the caller requests a storage trie:

                // Storage slots requested, open the storage trie and retrieve from there
                account, err := snap.Account(common.BytesToHash(pathset[0]))
                loads++ // always account database reads, even for failures
                if account == nil {
                    break
                }
                stTrie, err := trie.NewSecure(common.BytesToHash(account.Root), triedb)

The code assumes that snap.Account returns either a non-nil response unless error is also provided. This is however not the case, since snap.Account can return nil, nil.

Patches

--- a/eth/protocols/snap/handler.go
+++ b/eth/protocols/snap/handler.go
@@ -469,7 +469,7 @@ func handleMessage(backend Backend, peer *Peer) error {
                // Storage slots requested, open the storage trie and retrieve from there
                account, err := snap.Account(common.BytesToHash(pathset[0]))
                loads++ // always account database reads, even for failures
-               if err != nil {
+               if err != nil || account == nil {
                    break
                }
                stTrie, err := trie.NewSecure(common.BytesToHash(account.Root), triedb)
diff --git a/trie/trie.go b/trie/trie.go
index 7ea7efa835..d0f0d4e2bc 100644
--- a/trie/trie.go
+++ b/trie/trie.go
@@ -174,6 +174,10 @@ func (t *Trie) TryGetNode(path []byte) ([]byte, int, error) {
 }

 func (t *Trie) tryGetNode(origNode node, path []byte, pos int) (item []byte, newnode node, resolved int, err error) {
+   // If non-existent path requested, abort
+   if origNode == nil {
+       return nil, nil, 0, nil
+   }
    // If we reached the requested path, return the current node
    if pos >= len(path) {
        // Although we most probably have the original node expanded, encoding
@@ -193,10 +197,6 @@ func (t *Trie) tryGetNode(origNode node, path []byte, pos int) (item []byte, new
    }
    // Path still needs to be traversed, descend into children
    switch n := (origNode).(type) {
-   case nil:
-       // Non-existent path requested, abort
-       return nil, nil, 0, nil
-
    case valueNode:
        // Path prematurely ended, abort
        return nil, nil, 0, nil

The fixes were merged into #23657, with commit f1fd963, and released as part of Geth v1.10.9 on Sept 29, 2021.

Workarounds

Apply the patch above or upgrade to a version which is not vulnerable.

For more information

If you have any questions or comments about this advisory: * Open an issue in go-ethereum * Email us at security@ethereum.org

Severity ?

5.7 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/ethereum/go-ethereum"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.10.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-41173"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-10-25T18:23:10Z",
    "nvd_published_at": "2021-10-26T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nA vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer, via the `snap/1` protocol. The crash can be triggered by sending a malicious `snap/1` `GetTrieNodes` package. \n\n### Details\n\nOn September 21, 2021, geth-team member Gary Rong (@rjl493456442) found a way to crash the snap request handler . \nBy using this vulnerability, a peer connected on the `snap/1` protocol could cause a vulnerable node to crash with a `panic`.\n\nIn the `trie.TryGetNode` implementation, if the requested path is reached, the associated node will be returned. However the nilness is\nnot checked there.\n\n```golang\nfunc (t *Trie) tryGetNode(origNode node, path []byte, pos int) (item []byte, newnode node, resolved int, err error) {\n\t// If we reached the requested path, return the current node\n\tif pos \u003e= len(path) {\n\t\t// Although we most probably have the original node expanded, encoding\n\t\t// that into consensus form can be nasty (needs to cascade down) and\n\t\t// time consuming. Instead, just pull the hash up from disk directly.\n\t\tvar hash hashNode\n\t\tif node, ok := origNode.(hashNode); ok {\n\t\t\thash = node\n\t\t} else {\n\t\t\thash, _ = origNode.cache()\n\t\t}\n```\nMore specifically the `origNode` can be nil(e.g. the child of fullnode) and system can panic at line `hash, _ = origNode.cache()`. \n\nWhen investigating this, @holiman tried to find it via fuzzing, which uncovered a second crasher, also related to the snap `GetTrieNodes` package. If the caller requests a storage trie:\n```golang\n\t\t\t\t// Storage slots requested, open the storage trie and retrieve from there\n\t\t\t\taccount, err := snap.Account(common.BytesToHash(pathset[0]))\n\t\t\t\tloads++ // always account database reads, even for failures\n\t\t\t\tif account == nil {\n\t\t\t\t\tbreak\n\t\t\t\t}\n\t\t\t\tstTrie, err := trie.NewSecure(common.BytesToHash(account.Root), triedb)\n```\nThe code assumes that `snap.Account` returns _either_ a non-nil response unless `error` is also provided. This is however not the case, since `snap.Account` can return `nil, nil`. \n\n### Patches\n\n```diff\n--- a/eth/protocols/snap/handler.go\n+++ b/eth/protocols/snap/handler.go\n@@ -469,7 +469,7 @@ func handleMessage(backend Backend, peer *Peer) error {\n \t\t\t\t// Storage slots requested, open the storage trie and retrieve from there\n \t\t\t\taccount, err := snap.Account(common.BytesToHash(pathset[0]))\n \t\t\t\tloads++ // always account database reads, even for failures\n-\t\t\t\tif err != nil {\n+\t\t\t\tif err != nil || account == nil {\n \t\t\t\t\tbreak\n \t\t\t\t}\n \t\t\t\tstTrie, err := trie.NewSecure(common.BytesToHash(account.Root), triedb)\ndiff --git a/trie/trie.go b/trie/trie.go\nindex 7ea7efa835..d0f0d4e2bc 100644\n--- a/trie/trie.go\n+++ b/trie/trie.go\n@@ -174,6 +174,10 @@ func (t *Trie) TryGetNode(path []byte) ([]byte, int, error) {\n }\n \n func (t *Trie) tryGetNode(origNode node, path []byte, pos int) (item []byte, newnode node, resolved int, err error) {\n+\t// If non-existent path requested, abort\n+\tif origNode == nil {\n+\t\treturn nil, nil, 0, nil\n+\t}\n \t// If we reached the requested path, return the current node\n \tif pos \u003e= len(path) {\n \t\t// Although we most probably have the original node expanded, encoding\n@@ -193,10 +197,6 @@ func (t *Trie) tryGetNode(origNode node, path []byte, pos int) (item []byte, new\n \t}\n \t// Path still needs to be traversed, descend into children\n \tswitch n := (origNode).(type) {\n-\tcase nil:\n-\t\t// Non-existent path requested, abort\n-\t\treturn nil, nil, 0, nil\n-\n \tcase valueNode:\n \t\t// Path prematurely ended, abort\n \t\treturn nil, nil, 0, nil\n\n``` \nThe fixes were merged into [#23657](https://github.com/ethereum/go-ethereum/pull/23657), with commit [f1fd963](https://github.com/ethereum/go-ethereum/pull/23657/commits/f1fd963a5a965e643e52fcf805a2a02a323c32b8), and released as part of Geth [v1.10.9](https://github.com/ethereum/go-ethereum/tree/v1.10.9) on Sept 29, 2021. \n\n### Workarounds\n\nApply the patch above or upgrade to a version which is not vulnerable.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [go-ethereum](https://github.com/ethereum/go-ethereum/)\n* Email us at [security@ethereum.org](mailto:security@ethereum.org)\n",
  "id": "GHSA-59hh-656j-3p7v",
  "modified": "2023-08-29T18:55:39Z",
  "published": "2021-10-25T19:42:57Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41173"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/pull/23657/commits/f1fd963a5a965e643e52fcf805a2a02a323c32b8"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/pull/23801"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ethereum/go-ethereum"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2022-0256"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Geth Node Vulnerable to DoS via maliciously crafted p2p message "
}

GSD-2021-41173

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-41173

Aliases

CVE-2021-41173

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-41173",
    "description": "Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading.",
    "id": "GSD-2021-41173"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-41173"
      ],
      "details": "Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading.",
      "id": "GSD-2021-41173",
      "modified": "2023-12-13T01:23:27.212750Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2021-41173",
        "STATE": "PUBLIC",
        "TITLE": "DoS via maliciously crafted p2p message "
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "go-ethereum",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003c 1.10.9"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "ethereum"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-20: Improper Input Validation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v",
            "refsource": "CONFIRM",
            "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v"
          },
          {
            "name": "https://github.com/ethereum/go-ethereum/pull/23801",
            "refsource": "MISC",
            "url": "https://github.com/ethereum/go-ethereum/pull/23801"
          },
          {
            "name": "https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738",
            "refsource": "MISC",
            "url": "https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738"
          },
          {
            "name": "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9",
            "refsource": "MISC",
            "url": "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-59hh-656j-3p7v",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003cv1.10.9",
          "affected_versions": "All versions before 1.10.9",
          "cvss_v2": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937"
          ],
          "date": "2021-10-28",
          "description": "Go Ethereum is the official Golang implementation of the Ethereum protocol. A vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading.",
          "fixed_versions": [
            "v1.10.9"
          ],
          "identifier": "CVE-2021-41173",
          "identifiers": [
            "CVE-2021-41173"
          ],
          "not_impacted": "All versions starting from v1.10.9",
          "package_slug": "go/github.com/ethereum/go-ethereum",
          "pubdate": "2021-10-26",
          "solution": "Upgrade to version v1.10.9 or above.",
          "title": "Improper Input Validation",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-41173"
          ],
          "uuid": "e822eb4f-cd9b-411f-8ca9-19d86f4141ca",
          "versions": [
            {
              "commit": {
                "sha": "eae3b1946a276ac099e0018fc792d9e8c3bfda6d",
                "tags": [
                  "v1.10.9"
                ],
                "timestamp": "20210929175941"
              },
              "number": "v1.10.9"
            }
          ]
        },
        {
          "affected_range": "\u003cv1.10.9",
          "affected_versions": "All versions before 1.10.9",
          "cvss_v2": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-707",
            "CWE-937"
          ],
          "date": "2023-02-09",
          "description": "Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading.",
          "fixed_versions": [
            "v1.10.9"
          ],
          "identifier": "CVE-2021-41173",
          "identifiers": [
            "GHSA-59hh-656j-3p7v",
            "CVE-2021-41173"
          ],
          "not_impacted": "All versions starting from 1.10.9",
          "package_slug": "go/github.com/ethereum/go-ethereum/eth/protocols/snap",
          "pubdate": "2021-10-25",
          "solution": "Upgrade to version 1.10.9 or above.",
          "title": "Improper Neutralization",
          "urls": [
            "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v",
            "https://nvd.nist.gov/vuln/detail/CVE-2021-41173",
            "https://github.com/ethereum/go-ethereum/pull/23801",
            "https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738",
            "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9",
            "https://github.com/ethereum/go-ethereum/pull/23657/commits/f1fd963a5a965e643e52fcf805a2a02a323c32b8",
            "https://pkg.go.dev/vuln/GO-2022-0256",
            "https://github.com/advisories/GHSA-59hh-656j-3p7v"
          ],
          "uuid": "bf39abf3-ddc3-4e3e-b2d5-cb3d7e3946f7",
          "versions": [
            {
              "commit": {
                "sha": "eae3b1946a276ac099e0018fc792d9e8c3bfda6d",
                "tags": [
                  "v1.10.9"
                ],
                "timestamp": "20210929175941"
              },
              "number": "v1.10.9"
            }
          ]
        },
        {
          "affected_range": "\u003cv1.10.9",
          "affected_versions": "All versions before 1.10.9",
          "cvss_v2": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-707",
            "CWE-937"
          ],
          "date": "2023-02-09",
          "description": "Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading.",
          "fixed_versions": [
            "v1.10.9"
          ],
          "identifier": "CVE-2021-41173",
          "identifiers": [
            "GHSA-59hh-656j-3p7v",
            "CVE-2021-41173"
          ],
          "not_impacted": "All versions starting from 1.10.9",
          "package_slug": "go/github.com/ethereum/go-ethereum/trie",
          "pubdate": "2021-10-25",
          "solution": "Upgrade to version 1.10.9 or above.",
          "title": "Improper Neutralization",
          "urls": [
            "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v",
            "https://nvd.nist.gov/vuln/detail/CVE-2021-41173",
            "https://github.com/ethereum/go-ethereum/pull/23801",
            "https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738",
            "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9",
            "https://github.com/ethereum/go-ethereum/pull/23657/commits/f1fd963a5a965e643e52fcf805a2a02a323c32b8",
            "https://pkg.go.dev/vuln/GO-2022-0256",
            "https://github.com/advisories/GHSA-59hh-656j-3p7v"
          ],
          "uuid": "7e2801c0-ef60-43df-a5b8-0e4d23d59517",
          "versions": [
            {
              "commit": {
                "sha": "eae3b1946a276ac099e0018fc792d9e8c3bfda6d",
                "tags": [
                  "v1.10.9"
                ],
                "timestamp": "20210929175941"
              },
              "number": "v1.10.9"
            }
          ]
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ethereum:go_ethereum:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.10.9",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-41173"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ethereum/go-ethereum/pull/23801",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/ethereum/go-ethereum/pull/23801"
            },
            {
              "name": "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9"
            },
            {
              "name": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v"
            },
            {
              "name": "https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.1,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2021-10-28T20:55Z",
      "publishedDate": "2021-10-26T14:15Z"
    }
  }
}

FKIE_CVE-2021-41173

Vulnerability from fkie_nvd - Published: 2021-10-26 14:15 - Updated: 2024-11-21 06:25

Severity ?

5.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/ethereum/go-ethereum/pull/23801	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9	Release Notes, Third Party Advisory
security-advisories@github.com	https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/ethereum/go-ethereum/pull/23801	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v	Third Party Advisory

Impacted products

	Vendor	Product	Version
	ethereum	go_ethereum	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ethereum:go_ethereum:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA383AD6-A083-453C-BED8-C2C8BCCDEEDE",
              "versionEndExcluding": "1.10.9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading."
    },
    {
      "lang": "es",
      "value": "Go Ethereum es la implementaci\u00f3n oficial en Golang del protocolo Ethereum. En versiones anteriores a 1.10.9, un nodo vulnerable es susceptible de bloquearse cuando procesa un mensaje maliciosamente dise\u00f1ado de un compa\u00f1ero. La versi\u00f3n v1.10.9 contiene parches para la vulnerabilidad. No se conocen soluciones aparte de la actualizaci\u00f3n"
    }
  ],
  "id": "CVE-2021-41173",
  "lastModified": "2024-11-21T06:25:40.247",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2021-10-26T14:15:08.130",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ethereum/go-ethereum/pull/23801"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ethereum/go-ethereum/commit/e40b37718326b8b4873b3b00a0db2e6c6d9ea738"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ethereum/go-ethereum/pull/23801"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-59hh-656j-3p7v"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-41173 (GCVE-0-2021-41173)

GHSA-59HH-656J-3P7V

Impact

Details

Patches

Workarounds

For more information

GSD-2021-41173

FKIE_CVE-2021-41173

Tags

Sightings

Nomenclature