CVE-2023-34451
Denial of service via OOM in github.com/cometbft/cometbft
CVSS 3.1 score: 8.2 (HIGH)
EPSS: 0.31%
Description
A bug in the CometBFT middleware causes the mempool's two data structures to fall out of sync. This can lead to duplicate transactions that cannot be removed, even after they are committed in a block. The only way to remove the transaction is to restart the node. This can be exploited by an attacker to bring down a node by repeatedly submitting duplicate transactions.
How to fix CVE-2023-34451
To remediate CVE-2023-34451, upgrade the affected package to a fixed version below.
- github.com/cometbft/cometbft: upgrade to 0.34.29 or later
- github.com/cometbft/cometbft: upgrade to 0.37.2 or later
Is CVE-2023-34451 being exploited?
Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- github.com/cometbft/cometbft: from 0, < 0.34.29
- github.com/cometbft/cometbft: from 0, < 0.37.2
CVSS scores
| Source | Version | Severity | Score | Vector |
|---|---|---|---|---|
| osv | CVSS 3.1 | HIGH | 8.2 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H |