Vulnerability CVE-2022-29177

Published: 2022-05-20

Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 contains a patch that addresses the problem. As a workaround, setting loglevel to default level (`INFO`) makes the node not vulnerable to this attack.



(Uncontrolled Resource Consumption ('Resource Exhaustion'))


Copyright 2022,


Back to Top