High severity bug in Bitcoin Core affects 17% of full nodes
Bitcoin Core developers have issued a new, high severity warning about a software bug on one in every six Bitcoin nodes. On Thursday, workers at the open source Bitcoin Core Project, who maintain the software running on over 98% of reachable full nodes, disclosed that there is a major security problem with the software running on 17% of the network. Specifically, all software prior to Bitcoin Core version 24.0.1 is at risk.

This denial-of-service bug affects approximately 3,330 of the 19,200 self-declared user agents of reachable Bitcoin full nodes, according to surveillance estimates from Bitnodes. In pre-24.0.1 Bitcoin Core software, a malicious actor can spam nodes with low-difficulty header chains. By forcing nodes to download and store extremely long chains of headers, the attack could crash the node by overwhelming bandwidth or storage on the device.

Developers patched this bug in Bitcoin Core pull request (PR) number 25717 and merged that into production on December 12, 202...
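
An added example, not from the article or the Bitcoin Core project: a Python check that sorts self-declared node user agents by the 24.0.1 threshold the article gives, the way an operator might audit an inventory of their own nodes. The function names and the sample list are constructed for illustration, and it assumes the `/Satoshi:x.y.z/` user agent form that Bitcoin Core announces.

```python
import re

# First release the article names as not at risk.
FIXED = (24, 0, 1)

# BIP 14 style user agent field: /Name:version(optional comment)/
_FIELD = re.compile(r"/([^:/()]+):([0-9]+(?:\.[0-9]+)*)(?:\([^)]*\))?(?=/)")


def core_version(user_agent):
    """Return the Bitcoin Core version as a tuple, or None if not announced."""
    for name, version in _FIELD.findall(user_agent):
        if name == "Satoshi":
            parts = [int(p) for p in version.split(".")]
            parts += [0] * (3 - len(parts))  # pad "24.1" to (24, 1, 0)
            return tuple(parts)
    return None


def classify(user_agent):
    """'affected' if older than 24.0.1, 'patched' if not, else 'unknown'."""
    version = core_version(user_agent)
    if version is None:
        return "unknown"  # other software or a malformed string
    return "affected" if version < FIXED else "patched"


def audit(user_agents):
    """Count how many user agents fall into each class."""
    counts = {"affected": 0, "patched": 0, "unknown": 0}
    for ua in user_agents:
        counts[classify(ua)] += 1
    return counts


# Constructed sample inventory, not real Bitnodes data.
SAMPLE = [
    "/Satoshi:0.21.1/",
    "/Satoshi:23.0.0/",
    "/Satoshi:24.0.1/",
    "/Satoshi:25.0.0(my-node)/",
    "/btcd:0.23.3/",
    "",
]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

User agents are self-declared, so the result is an estimate of exposure rather than proof of what a node actually runs.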