CVE-2019-25220
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-25220
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-25220.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-25220
- Published
- 2024-11-18T04:15:04Z
- Modified
- 2025-05-23T03:08:54.219125Z
- Summary
- [none]
- Details
-
Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service (daemon crash) via a flood of low-difficulty header chains (aka a "Chain Width Expansion" attack) because a node does not first verify that a presented chain has enough work before committing to store it.
- References
Affected packages
Git / github.com/bitcoin/bitcoin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/bitcoin/bitcoin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
noversion
v0.*
v0.1.5
v0.1.6test1
v0.2.0
v0.2.10
v0.2.11
v0.2.12
v0.2.13
v0.2.2
v0.2.4
v0.2.5
v0.2.6
v0.2.7
v0.2.8
v0.2.9
v0.2rc2
v0.3.0
v0.3.1
v0.3.10
v0.3.11_notexact
v0.3.12
v0.3.13
v0.3.14
v0.3.15
v0.3.17
v0.3.18
v0.3.19
v0.3.1rc1
v0.3.2
v0.3.20
v0.3.20.01_closest
v0.3.20.2_closest
v0.3.21
v0.3.21rc
v0.3.22
v0.3.22rc1
v0.3.22rc2
v0.3.22rc3
v0.3.22rc4
v0.3.22rc5
v0.3.22rc6
v0.3.23
v0.3.23rc1
v0.3.24
v0.3.24rc1
v0.3.24rc2
v0.3.24rc3
v0.3.3
v0.3.6
v0.3.7
v0.3.8
v0.3rc1
v0.3rc2
v0.3rc4
v0.4.0
v0.4.00rc1
v0.4.00rc2
v0.5.0
v0.5.0rc1
v0.5.0rc2
v0.5.0rc3
v0.5.0rc4
v0.5.0rc5
v0.5.0rc6
v0.5.0rc7
v0.5.1
v0.5.1rc1
v0.5.1rc2
v0.6.0
v0.6.0rc1
v0.6.0rc2
v0.6.0rc3
v0.6.0rc4
v0.6.0rc5
v0.6.0rc6
v0.6.1
v0.6.1rc1
v0.6.1rc2
v0.7.0
v0.7.0rc1
v0.7.0rc2
v0.7.0rc3
v0.7.1
v0.7.1rc1
v0.8.0
v0.8.0rc1
v0.8.2
v0.8.2rc1
v0.8.2rc2
v0.8.2rc3
v0.9.0rc1
v0.9.0rc2
v21.*
v21.99-guixtest1
v24.*
v24.0
v24.0rc1
v24.0rc2
v24.0rc3
v24.0rc4