CVE-2019-25220

Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service (daemon crash) via a flood of low-difficulty header chains (aka a "Chain Width Expansion" attack) because a node does not first verify that a presented chain has enough work before committing to store it.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://bitcoincore.org/en/2024/09/18/disclose-headers-oom	Vendor Advisory
https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures	Third Party Advisory
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-October/017354.html	Mailing List

Configurations

Configuration 1 (hide)

cpe:2.3:a:bitcoin:bitcoin_core:*:*:*:*:*:*:*:*

History

22 May 2025, 16:56

Type	Values Removed	Values Added
References	~~() https://bitcoincore.org/en/2024/09/18/disclose-headers-oom -~~	() https://bitcoincore.org/en/2024/09/18/disclose-headers-oom - Vendor Advisory
References	~~() https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures -~~	() https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures - Third Party Advisory
References	~~() https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-October/017354.html -~~	() https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-October/017354.html - Mailing List
First Time		Bitcoin Bitcoin bitcoin Core
CPE		cpe:2.3:a:bitcoin:bitcoin_core::::::::

Information

Published : 2024-11-18 04:15

Updated : 2025-05-22 16:56

NVD link : CVE-2019-25220

Mitre link : CVE-2019-25220

CVE.ORG link : CVE-2019-25220

JSON object : View

Products Affected

bitcoin

bitcoin_core

CWE

CWE-770

Allocation of Resources Without Limits or Throttling

{"id": "CVE-2019-25220", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-11-18T04:15:04.107", "references": [{"url": "https://bitcoincore.org/en/2024/09/18/disclose-headers-oom", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-October/017354.html", "tags": ["Mailing List"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service (daemon crash) via a flood of low-difficulty header chains (aka a \"Chain Width Expansion\" attack) because a node does not first verify that a presented chain has enough work before committing to store it."}, {"lang": "es", "value": "Bitcoin Core anterior a 24.0.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (falla del demonio) a trav\u00e9s de una inundaci\u00f3n de cadenas de encabezado de baja dificultad (tambi\u00e9n conocido como un ataque de \"expansi\u00f3n del ancho de la cadena\") porque un nodo no verifica primero que una cadena presentada tenga suficiente trabajo antes de comprometerse a almacenarla."}], "lastModified": "2025-05-22T16:56:23.983", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bitcoin:bitcoin_core:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55E9245E-1473-4830-BAD2-7E2BF9E3D298", "versionEndExcluding": "24.0.1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}