CVE-2024-32972
HIGH7.5EPSS 0.61%Denial of Service in github.com/ethereum/go-ethereum
Published: 5/6/2024Modified: 3/3/2026
Description
A vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. This can result in a denial of service as the node runs out of memory.
Affected packages (2)
- Go/github.com/ethereum/go-ethereumfrom 0, < 1.13.15
- Go/github.com/ethereum/go-ethereumfrom 0, < 1.13.15
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
References (5)
- ADVISORYhttps://github.com/advisories/GHSA-4xc9-8hmq-j652
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-32972
- PATCHhttps://github.com/ethereum/go-ethereum
- WEBhttps://github.com/ethereum/go-ethereum/compare/v1.13.14...v1.13.15
- WEBhttps://github.com/ethereum/go-ethereum/security/advisories/GHSA-4xc9-8hmq-j652