Bitcoin developers have announced a critical security flaw in Bitcoin Core that could leave over 13% of global nodes vulnerable to shutdown.
This vulnerability, known as CVE-2024-35202, affects all Core software versions prior to 25.0.
The issue arises from the compact block protocol, which is designed to reduce bandwidth usage by shortening transaction identifiers. An attacker could exploit this by causing a collision, leading a node to incorrectly assert it has received an entire block. This flaw allows the node to enter an invalid state, potentially crashing it.
Niklas Gögge, who discovered the issue, also created the fix, which has been included in Bitcoin Core version 25.0, released on May 26, 2023. According to BitNodes.io, around 13.7% of the 18,843 active nodes are still at risk, prompting developers to urge operators to update to version 28.0 to ensure security.
While the vulnerability does not provide immediate financial gains for attackers, it could be leveraged by entities aiming to disrupt Bitcoin operations. This incident underscores the importance of regular updates, as Bitcoin Core does not auto-update, requiring manual intervention from node operators to stay secure.
As the S&P 500 reached an all-time high on Friday, it celebrated the second anniversary of its bull market.
Bitcoin (BTC) has recovored from last week’s slump and is currently trading at $62,600.
Bitcoin transaction fees have jumped more than 32% this week, marking the highest level seen since August.
October has not lived up to its promising reputation for Bitcoin. Traditionally, this month has brought strong gains, often dubbed “Uptober,” with Bitcoin averaging nearly 23% in returns since 2013. In standout years like 2021, it even soared by 40%.