Eugene Siegel

**Name of the Vulnerable Software and Affected Versions** Bitcoin Core versions prior to 22.0 Bitcoin Core versions 27.x **Description** The issue is caused by an integer overflow in CAddrMan's `nIdCount` via a flood of `addr` messages, leading to an assertion failure and daemon exit. This can be exploited to cause a remote crash. **Recommendations** For Bitcoin Core versions prior to 22.0, update to version 22.0 or later to resolve the issue. For Bitcoin Core versions 27.x, update to version 28.x or 29.x to resolve the issue. As a temporary workaround, consider restricting the handling of `addr` messages to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Blockstream c-lightning versions through 0.10.1 **Description** The issue allows for loss of funds due to dust HTLC exposure. **Recommendations** For versions through 0.10.1, update to a version that fixes the dust HTLC exposure issue to prevent loss of funds.

**Name of the Vulnerable Software and Affected Versions** Lightning Labs lnd versions prior to 0.13.3-beta **Description** The issue allows for loss of funds due to dust HTLC exposure. **Recommendations** For versions prior to 0.13.3-beta, update to version 0.13.3-beta or later to resolve the issue.