Discussing Pre-0.21.0 Bitcoin Core Vulnerability Disclosures
Update: 2024-07-11
Description
Brink engineers Gloria Zhao and Niklas Gögge talk through the recently disclosed Bitcoin Core pre-0.21.0 vulnerabilities.
- (0:00) - Introductions and motivation for disclosures
- (3:17) - Absolute value of a signed integer leads to rejection of all blocks
- (13:50) - Too many misbehaving peers leads to DoS
- (21:17) - Nested loop without deduplication leads to stalling
- (27:34) - Vulnerability in dependency leads to potential RCE
- (34:17) - Large memory allocation in peer receiver buffer and send buffer
- (35:41) - Payment request fetch causes mysterious crashing
- (37:39) - Misordered logic permits download of blocks bypassing checkpoints
- (42:21) - Lessons learned from these disclosures