CVE-2024-55563

Published: Dec 9, 2024Modified: May 22, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Bitcoin Core through 27.2 allows transaction-relay jamming via an off-chain protocol attack, a related issue to CVE-2024-52913. For example, the outcome of an HTLC (Hashed Timelock Contract) can be changed because a flood of transaction traffic prevents propagation of certain Lightning channel transactions.

Affected (1)

Products: Bitcoin: Bitcoin Core

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Bitcoin Bitcoin Core	Up to 27.2

Related CWEs

Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

References (5)

https://ariard.github.io

Source: cve@mitre.org

Third Party Advisory

https://bitcoincore.org

Source: cve@mitre.org

Product

https://delvingbitcoin.org/t/full-disclosure-transaction-relay-throughput-overflow-attacks-against-off-chain-protocols/1305

Source: cve@mitre.org

Issue Tracking

https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures

Source: cve@mitre.org

Third Party Advisory

https://gnusha.org/pi/bitcoindev/CALZpt+EptER=p+P7VN3QAb9n=dODA9_LnR9xZwWpRsdAwedv=w@mail.gmail.com/T/#u

Source: cve@mitre.org

Mailing List

Timeline

No history available yet.