Vulnerabilities > CVE-2021-43668 - NULL Pointer Dereference vulnerability in Ethereum GO Ethereum 1.10.9

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

ethereum

CWE-476

NVD

Published: 2021-11-18

Updated: 2021-11-23

Summary

Go-Ethereum 1.10.9 nodes crash (denial of service) after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and arise a SEGV signal.

Vulnerable Configurations

Part	Description	Count
Application	Ethereum Ethereum GO Ethereum 1.10.9	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://github.com/ethereum/go-ethereum/issues/23866