))
Discussing Pre-25.0 Bitcoin Core Vulnerability Disclosures
Manage episode 444610489 series 3285687
Brink द्वारा प्रदान की गई सामग्री. एपिसोड, ग्राफिक्स और पॉडकास्ट विवरण सहित सभी पॉडकास्ट सामग्री Brink या उनके पॉडकास्ट प्लेटफ़ॉर्म पार्टनर द्वारा सीधे अपलोड और प्रदान की जाती है। यदि आपको लगता है कि कोई आपकी अनुमति के बिना आपके कॉपीराइट किए गए कार्य का उपयोग कर रहा है, तो आप यहां बताई गई प्रक्रिया का पालन कर सकते हैं https://hi.player.fm/legal।
Brink engineers Gloria Zhao and Niklas Gögge are joined by 0xB10C talk through the recently disclosed Bitcoin Core pre-25.0 vulnerabilities.
This continues our previous discussions in Episode 4 on pre-0.21.0 and Episode 5 on 0.21.0 Bitcoin Core Vulnerabilities.
- (0:00) - Introduction
- (0:48) - The DoS vulnerability in headers sync
- (3:12) - Discussion of checkpoints in the code
- (10:11) - Bitcoin Core #25717 PR to fix the DoS vulnerability in headers sync
- (14:31) - The denial-of-service (DoS) vulnerability in inventory send queue
- (14:42) - P2P background regarding transaction relay and inventory messages
- (17:26) - Observations of increased network activity
- (23:30) - Bitcoin Core #27610 PR to fix the inventory send queue DoS vulnerability
- (25:35) - Stale blocks and impact on miners
- (28:31) - KIT Bitcoin monitoring website and latency graph
- (31:09) - Discussion of disclosure approach
- (34:10) - The crash vulnerability in compact block relay
- (34:20) - Compact block relay background
- (39:56) - Mechanics of a potential attack
- (42:49) - Discovery of the vulnerability
- (47:56) - Bitcoin Core #26898 PR to fix the crash vulnerability in compact block relay
- (49:33) - Benefits of modularizing code
- (56:25) - Lessons learned
Note: A vulnerability of ‘hindered block propagation due to mutated blocks’ was also disclosed and will be covered in a future podcast.
6 एपिसोडस
साझा करें
