CVE-2023-34451

HIGH8.2EPSS 0.31%

Denial of service via OOM in github.com/cometbft/cometbft

Published: 7/5/2023Modified: 5/20/2024

Description

A bug in the CometBFT middleware causes the mempool's two data structures to fall out of sync. This can lead to duplicate transactions that cannot be removed, even after they are committed in a block. The only way to remove the transaction is to restart the node. This can be exploited by an attacker to bring down a node by repeatedly submitting duplicate transactions.

Affected packages (2)

Go/github.com/cometbft/cometbftfrom 0, < 0.34.29
Go/github.com/cometbft/cometbftfrom 0, < 0.37.2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH8.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

References (5)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-34451
PATCHhttps://github.com/cometbft/cometbft
WEBhttps://github.com/cometbft/cometbft/pull/890
WEBhttps://github.com/cometbft/cometbft/security/advisories/GHSA-w24w-wp77-qffm
WEBhttps://github.com/tendermint/tendermint/pull/2778