CVE-2023-50428
https://notcve.org/view.php?id=CVE-2023-50428
In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerability from the perspective of the Bitcoin Knots project, some others consider it "not a bug." En Bitcoin Core hasta 26.0 y Bitcoin Knots anteriores a 25.1.knots20231115, los límites de tamaño del portador de datos se pueden eludir ofuscando los datos como código (por ejemplo, con OP_FALSE OP_IF), tal como lo explotó Inscriptions en 2022 y 2023. • https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures https://github.com/bitcoin/bitcoin/blob/65c05db660b2ca1d0076b0d8573a6760b3228068/src/kernel/mempool_options.h#L46-L53 https://github.com/bitcoin/bitcoin/pull/28408#issuecomment-1844981799 https://github.com/bitcoin/bitcoin/tags https://github.com/bitcoinknots/bitcoin/blob/aed49ce8989334c364a219a6eb016a3897d4e3d7/doc/release-notes.md https://twitter.com/LukeDashjr/status/1732204937466032285 •
CVE-2023-33297
https://notcve.org/view.php?id=CVE-2023-33297
Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (e.g., CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023. • https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-24.1.md https://github.com/bitcoin/bitcoin/issues/27586 https://github.com/bitcoin/bitcoin/issues/27623 https://github.com/bitcoin/bitcoin/pull/27610 https://github.com/dogecoin/dogecoin/issues/3243#issuecomment-1712575544 https://github.com/visualbasic6/drain https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2E • CWE-400: Uncontrolled Resource Consumption •
CVE-2021-3195
https://notcve.org/view.php?id=CVE-2021-3195
bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of a fork that has implemented dumpwallet restrictions ** EN DISPUTA ** bitcoind en Bitcoin Core versiones hasta 0.21.0, puede crear un nuevo archivo en un directorio arbitrario (por ejemplo, fuera del directorio ~/.bitcoin) por medio de una llamada RPC dumpwallet NOTA: según se informa, esto no viola el modelo de seguridad de Bitcoin Core, pero puede violar el modelo de seguridad de un fork que haya implementado restricciones de dumpwallet • https://github.com/bitcoin/bitcoin/issues/20866 • CWE-20: Improper Input Validation •
CVE-2019-15947
https://notcve.org/view.php?id=CVE-2019-15947
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500" command. En Bitcoin Core versión 0.18.0, bitcoin-qt almacena los datos de wallet.dat sin cifrar en la memoria. Ante un bloqueo, puede volcar un archivo core. • https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2019-15947 https://gist.github.com/oxagast/50a121b2df32186e0c48411859d5861b https://github.com/bitcoin/bitcoin/issues/16824 https://security.gentoo.org/glsa/202009-18 • CWE-312: Cleartext Storage of Sensitive Information •