CVE-2024-55563

Bitcoin Core through 27.2 allows transaction-relay jamming via an off-chain protocol attack, a related issue to CVE-2024-52913. For example, the outcome of an HTLC (Hashed Timelock Contract) can be changed because a flood of transaction traffic prevents propagation of certain Lightning channel transactions.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://ariard.github.io
https://bitcoincore.org
https://delvingbitcoin.org/t/full-disclosure-transaction-relay-throughput-overflow-attacks-against-off-chain-protocols/1305
https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures
https://gnusha.org/pi/bitcoindev/CALZpt+EptER=p+P7VN3QAb9n=dODA9_LnR9xZwWpRsdAwedv=w@mail.gmail.com/T/#u

Configurations

No configuration.

History

04 Mar 2025, 22:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.3
CWE		CWE-770
Summary		(es) Bitcoin Core hasta la versión 27.2 permite el bloqueo de la retransmisión de transacciones mediante un ataque de protocolo fuera de la cadena, un problema relacionado con CVE-2024-52913. Por ejemplo, el resultado de un HTLC (contrato de bloqueo de tiempo hash) puede modificarse porque una inundación de tráfico de transacciones impide la propagación de ciertas transacciones del canal Lightning.

09 Dec 2024, 01:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-12-09 01:15

Updated : 2025-03-04 22:15

NVD link : CVE-2024-55563

Mitre link : CVE-2024-55563

CVE.ORG link : CVE-2024-55563

JSON object : View

Products Affected

No product.

CWE

CWE-770

Allocation of Resources Without Limits or Throttling

5.3 /10