How CVE-2024-35202 vulnerability works in Bitcoin Core crypto wallet

30.11.2024
How CVE-2024-35202 vulnerability works in Bitcoin Core crypto wallet

The CVE-2024-35202 vulnerability, discovered in Bitcoin Core before version 25.0, is a serious security issue that allows attackers to initiate denial of service (DoS) attacks. This article discusses the technical details of the vulnerability, its implications, and mitigation methods.

Description of vulnerability

CVE-2024-35202 occurs in the processing of  blocktxn messages , which are used to transmit transactions between Bitcoin network nodes. The issue is that if a  blocktxn message  contains transactions that are not included in the block’s merkle tree, it can cause a Bitcoin Core node to crash. This results in an assertion failure, which can cause the node to unexpectedly terminate 2 .

Technical details

  1. How it works : When a node receives a block announcement via a  cmpctblock message,  it attempts to reconstruct the block using transactions from its mempool and other available transactions. If reconstruction fails due to missing transactions, the node requests them from the sender via a  getblocktxn message .
  2. Short transaction IDs : The compact block protocol uses short transaction IDs (6 bytes), which increases the likelihood of collisions. If a collision occurs, the node should not penalize the sender, as such situations can occur randomly 2 .
  3. Vulnerability Classification : The vulnerability is classified as CWE-770 (Unlimited Resource Allocation) and has a high CVSS score (7.5), indicating a severity of 2 .

Consequences

According to the Bitcoin Core development team, more than 13% of Bitcoin network nodes remain vulnerable to this attack due to the use of outdated versions of software 3 . This poses risks to the stability of the entire network, as attackers can exploit this vulnerability to cause large-scale failures.

Methods of protection

To mitigate risks associated with CVE-2024-35202, it is recommended to:

  • Software Update : The most effective way to protect yourself is to update Bitcoin Core to version 25.0 or higher, where this vulnerability has already been patched 3 .
  • Network Monitoring : It is important to monitor network traffic for unusual activity and implement intrusion detection and prevention systems to identify potentially malicious  blocktxn messages .
  • Improved logging and alerts : Set up detailed logging and alerts for unexpected node behavior to help you quickly respond to anomalies 2 .

The Role of cmpctblock and blocktxn Messages in Bitcoin Core Functionality

In the Bitcoin Core ecosystem,  cmpctblock  and  blocktxn messages  play a key role in optimizing the transmission of block and transaction data between nodes in the network. These messages enable more efficient communication and help improve network performance.

Message cmpctblock

Definition : The  cmpctblock  (compact block) message is a shortened representation of a block that includes only the block header and short transaction identifiers, not the transactions themselves. This message allows nodes to quickly exchange information about new blocks while minimizing the amount of data transferred. Functionality :

  • Simplifying data transmission : Instead of sending the entire block, nodes can transmit only its header and transaction IDs, which significantly reduces the load on the network.
  • Processing speed : Nodes that receive a  cmpctblock message can more quickly determine which transactions they need to download from other sources, speeding up the synchronization process.

Message from blocktxn

Definition : The blocktxn message   is used to transmit the actual transactions that were mentioned in the  cmpctblock message . It is sent by a node that has missing transactions to satisfy the requests of other nodes. Functionality :

  • Filling in missing data : When a node receives a  cmpctblock message , it may find that it is missing some transactions. In this case, it sends a request to get the missing transactions via a  getblocktxn message , and then receives them via a  blocktxn message .
  • Block Integrity Maintenance : This message ensures that all nodes in the network have complete transaction data, which is critical to maintaining the integrity of the blockchain.

Interaction between cmpctblock and blocktxn

The process of working with these messages can be described as follows:

  1. Node A sends a  cmpctblock message  to node B, announcing a new block.
  2. Node B checks for all required transactions. If any are missing, it initiates a request via  getblocktxn .
  3. Node A responds with a  blocktxn message providing the missing transactions.
  4. Node B completes the block processing by adding all the necessary data to its local copy of the blockchain.

Bitcoin Core developers have taken several important steps to fix the vulnerability CVE-2024-35202, which allowed attackers to remotely reset Bitcoin Core nodes that process  blocktxn messages . Here are the main steps that were taken:

  1. Vulnerability discovery and fix : The vulnerability was discovered by Niklas Goegge and reported to the Bitcoin Core security team in October 2022. A fix was added to the code in January 2023 and included in the version 25.0 release, which was released in May 2023. This update fixed an issue related to  blocktxn message handling , preventing the possibility of remote node failure 4 .
  2. Update Recommendations : The developers strongly recommended that all users update their nodes to the latest version of the software (currently version 28.0) to avoid risks associated with the vulnerability. This is especially important since more than 13% of the network’s nodes were still running outdated versions of Bitcoin Core, which were vulnerable to the attack 2 .
  3. Disclosure Policy : The Bitcoin Core team has implemented a critical vulnerability disclosure policy aimed at raising community awareness of security issues and the need for timely software updates 2 .
  4. Discussion and Analysis : After the vulnerability was fixed, there was a lot of discussion among developers about its impact on network security and the potential risks associated with the remaining vulnerable nodes. This discussion helped to highlight the importance of updating and maintaining network security 4 .

These measures are aimed at protecting the Bitcoin network from possible attacks and ensuring the stability of nodes.


What other vulnerabilities have been discovered in Bitcoin Core in recent years?

In recent years, several serious vulnerabilities have been discovered in Bitcoin Core, in addition to CVE-2024-35202. Here are some of them:

  1. CVE-2018-17145 (INVDoS) :
    • Discovered in 2018, this vulnerability allowed attackers to initiate denial of service (DoS) attacks on Bitcoin Core nodes. Researcher Braydon Fuller found that special transactions could cause a node to consume too much of its resources, eventually causing it to crash. At the time of discovery, over 50% of nodes were vulnerable to this attack 3 .
  2. Bitcoin Double Spend Vulnerability (2016) :
    • The removal of transaction double-spend checks in November 2016 created a serious vulnerability that could have led to an increase in the Bitcoin supply cap. This allowed miners to potentially spend their Bitcoin twice, threatening the integrity of the network and potentially causing a chain split. Although the developers claimed that no actual double-spends occurred, the need for auditing remained relevant 2 .
  3. Inscription Vulnerability (2022-2023) :
    • A vulnerability was discovered in some versions of Bitcoin Core that allowed data volume limits to be bypassed by disguising them as code. This resulted in inscriptions (additional data embedded in transactions) congesting the network and increasing transaction fees. This issue was brought to the attention of the US National Vulnerability Database and was considered of public importance 4 .
  4. Randstorm (BitcoinJS library vulnerabilities) :
    • While not specific to Bitcoin Core, researchers have found vulnerabilities in the BitcoinJS JavaScript library used by many crypto services. The vulnerabilities allowed predictable secret keys to be generated, compromising the security of millions of wallets created using the library between 2011 and 2015 5 .

These vulnerabilities highlight the importance of ongoing software updates and active security monitoring to protect the Bitcoin network from potential threats.

Conclusion

The CVE-2024-35202 vulnerability highlights the importance of regularly updating software and actively monitoring network activity to ensure the security of cryptocurrency nodes. Timely fixing of this issue will help to maintain the stability and reliability of the Bitcoin network.  cmpctblock  and  blocktxn messages  are important elements in the Bitcoin Core architecture that facilitate more efficient data exchange and improve network performance. Their use allows to reduce the amount of information transmitted and speed up the synchronization process between nodes, which is critical for the decentralized nature of Bitcoin.