Critical Bitcoin Core Bug Fix: Integer Overflow Vulnerability
Details of an integer overflow bug that caused an assertion crash were disclosed, with a fix released in Bitcoin Core version v22.0 on September 13, 2021.
The issue is rated High severity.
Overview
The integer overflow vulnerability in Bitcoin Core was in the CAddrMan module, which tracks known peer addresses. A 32-bit counter, nIdCount, was used to assign an identifier to each new entry. Nothing checked the counter against its range, so an attacker who managed to insert 2^32 entries (for example by flooding the node with spam addresses) would make the identifier overflow, and the node would crash on an assertion failure. Because address spam arrives over the P2P network from any connected peer, the crash is remotely triggerable, which is why the bug is rated High despite the number of entries required.
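To make the failure mode concrete, here is an added C++ example. It is not Bitcoin Core's code and does not describe how the upstream fix works: ToyAddrMan, HardenedAddrMan, AddOutcome and the sample addresses are hypothetical and constructed for this illustration. ToyAddrMan hands out ids from a 32-bit counter and treats a reused id as an assertion failure, as the text describes; the wrap is reached by fast-forwarding the counter rather than performing 2^32 real inserts. HardenedAddrMan shows generic mitigations a practitioner would reach for (a 64-bit id, a hard cap on table size, and a per-source token bucket), assumed here for illustration only.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <map>
#include <string>

// Outcome of an insertion attempt. AssertionFailure stands in for the process
// abort that a failed assert() would cause in real code.
enum class AddResult { Added, AlreadyKnown, Dropped, AssertionFailure };

struct AddOutcome {
    AddResult result;
    uint64_t id;   // id assigned or found; meaningless for Dropped/AssertionFailure
};

// Vulnerable model (hypothetical names, not Bitcoin Core code): a 32-bit counter
// hands out ids and the code assumes a fresh id is never already in the table.
struct ToyAddrMan {
    uint32_t nIdCount = 0;                     // wraps silently modulo 2^32
    std::map<uint32_t, std::string> mapInfo;   // id -> address
    std::map<std::string, uint32_t> mapAddr;   // address -> id

    AddOutcome Add(const std::string& addr) {
        auto known = mapAddr.find(addr);
        if (known != mapAddr.end()) return {AddResult::AlreadyKnown, known->second};
        uint32_t id = nIdCount++;              // after 2^32 inserts this is 0 again
        if (mapInfo.count(id)) {               // real code would assert(!mapInfo.count(id))
            return {AddResult::AssertionFailure, id};
        }
        mapInfo.emplace(id, addr);
        mapAddr.emplace(addr, id);
        return {AddResult::Added, id};
    }
};

// Fast-forwards the counter instead of performing 2^32 real inserts.
// Returns true when the wrapped id collides with an existing entry.
bool ToyFailsAfterWrap() {
    ToyAddrMan am;
    AddOutcome first = am.Add("198.51.100.1:8333");   // constructed sample, gets id 0
    am.nIdCount = UINT32_MAX;                          // as if 2^32-1 entries had been added
    AddOutcome last = am.Add("198.51.100.2:8333");    // gets id 2^32-1
    AddOutcome wrapped = am.Add("198.51.100.3:8333"); // counter wraps to 0: collision
    return first.id == 0 && last.id == UINT32_MAX &&
           wrapped.result == AddResult::AssertionFailure;
}

// Hardened model (an assumption for illustration, not the upstream fix): a 64-bit
// id that will not wrap in any realistic lifetime, a hard cap on table size, and a
// per-source token bucket so a single peer cannot flood the table with new entries.
struct HardenedAddrMan {
    struct Bucket { double tokens; double last_seen; };

    uint64_t nIdCount = 0;
    const size_t max_entries;
    const double refill_per_sec;   // new addresses a source earns per second
    const double burst;            // maximum tokens a source can bank
    std::map<uint64_t, std::string> mapInfo;
    std::map<std::string, uint64_t> mapAddr;
    std::map<std::string, Bucket> buckets;   // keyed by source peer

    HardenedAddrMan(size_t cap, double rate, double max_burst)
        : max_entries(cap), refill_per_sec(rate), burst(max_burst) {}

    // now_sec is a caller-supplied clock so the example stays deterministic.
    AddOutcome Add(const std::string& addr, const std::string& source, double now_sec) {
        auto known = mapAddr.find(addr);
        if (known != mapAddr.end()) return {AddResult::AlreadyKnown, known->second};

        Bucket& b = buckets.emplace(source, Bucket{burst, now_sec}).first->second;
        b.tokens = std::min(burst, b.tokens + (now_sec - b.last_seen) * refill_per_sec);
        b.last_seen = now_sec;
        if (b.tokens < 1.0) return {AddResult::Dropped, 0};              // source over its rate
        if (mapInfo.size() >= max_entries) return {AddResult::Dropped, 0}; // table full
        b.tokens -= 1.0;

        uint64_t id = nIdCount++;
        mapInfo.emplace(id, addr);
        mapAddr.emplace(addr, id);
        return {AddResult::Added, id};
    }
};

// Floods one source with distinct constructed addresses; returns how many were accepted.
size_t AcceptedFromFlood(HardenedAddrMan& am, const std::string& source,
                         size_t count, double now_sec) {
    size_t accepted = 0;
    for (size_t i = 0; i < count; ++i) {
        std::string addr = "203.0.113." + std::to_string(i % 256) + ":" +
                           std::to_string(10000 + i);
        if (am.Add(addr, source, now_sec).result == AddResult::Added) ++accepted;
    }
    return accepted;
}
```

The point of the hardened variant is not the wider counter alone: a bounded table and a per-peer rate limit mean an attacker can no longer drive the id counter at will, so the unreachable-in-practice wrap stays unreachable. Dropping excess addresses is the safe failure mode; aborting the process on an assertion is what turned cheap spam into a remote crash.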
Discovery and Fix
The vulnerability was discovered by Eugene Siegel, who promptly reported it to security@bitcoincore.org. Pieter Wuille was credited with fixing the bug. The fixes were merged on July 19, 2021, and Bitcoin Core v22.0, released on September 13, 2021, shipped with the fix.
Timeline of Events
- June 21, 2021 – Eugene Siegel reports the bug
- July 19, 2021 – Fixes merged by developers
- September 13, 2021 – Bitcoin Core v22.0 released with the fix
- July 31, 2024 – Public disclosure of the vulnerability