CVE-2022-29177

Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 contains a patch that addresses the problem. As a workaround, setting loglevel to default level (`INFO`) makes the node not vulnerable to this attack.
Configurations

Configuration 1

cpe:2.3:a:ethereum:go_ethereum:*:*:*:*:*:*:*:*

Information

Published : 2022-05-20 05:15

Updated : 2022-06-06 05:47


NVD link : CVE-2022-29177

Mitre link : CVE-2022-29177

Products Affected
No products.