Impact
A vulnerable node can be forced to shutdown/crash using a specially crafted message.
During the peer-to-peer connection handshake, a shared secret key is computed. The implementation
did not verify whether the EC public key provided by the remote party is a valid point on the secp256k1 curve.
By simply sending an all-zero public key, a crash could be induced due to unexpected results from the handshake.
The issue was fixed by adding a curve point validity check in 159fb1a
Patches
A fix has been included in geth version 1.14.13 and onwards.
Workarounds
Unfortunately, no workaround is available.
Credits
This issue was originally reported to Polygon Security by David Matosse (@iam-ned).
Impact
A vulnerable node can be forced to shutdown/crash using a specially crafted message.
During the peer-to-peer connection handshake, a shared secret key is computed. The implementation
did not verify whether the EC public key provided by the remote party is a valid point on the secp256k1 curve.
By simply sending an all-zero public key, a crash could be induced due to unexpected results from the handshake.
The issue was fixed by adding a curve point validity check in 159fb1a
Patches
A fix has been included in geth version 1.14.13 and onwards.
Workarounds
Unfortunately, no workaround is available.
Credits
This issue was originally reported to Polygon Security by David Matosse (@iam-ned).