Holiman

**Name of the Vulnerable Software and Affected Versions** Go Ethereum versions prior to 1.10.9 **Description** A vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer, via the `snap/1` protocol. The crash can be triggered by sending a malicious `snap/1` `GetTrieNodes` package. In the `trie.TryGetNode` implementation, if the requested path is reached, the associated node will be returned, but the nilness is not checked, which can cause a panic. **Recommendations** For versions prior to 1.10.9, upgrade to version 1.10.9 or apply the patch to resolve the issue. As a temporary workaround, consider restricting access to the `snap/1` protocol to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Geth versions prior to 1.9.17 **Description** This is a Consensus vulnerability in Geth that can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled `dataCopy` contract did a shallow copy on invocation. An attacker could deploy a contract that writes `X` to an EVM memory region `R`, then calls `0x00..04` with `R` as an argument, then overwrites `R` to `Y`, and finally invokes the `RETURNDATACOPY` opcode. When this contract is invoked, a consensus-compliant node would push `X` on the EVM stack, whereas Geth would push `Y`. **Recommendations** Upgrade to version 1.9.17 or higher to resolve the issue. As a temporary workaround, consider restricting the use of the `dataCopy` contract until a patch is applied. Avoid using the `RETURNDATACOPY` opcode in conjunction with the `dataCopy` contract to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Geth versions prior to 1.9.18 **Description** The issue is a Denial-of-service (crash) during block processing, which can be exploited through the `MULMOD` operation by specifying a modulo of `0`: `mulmod(a,b,0)`, causing a `panic` in the underlying library. This occurs due to improper bounds checking in certain mathematical operations, potentially allowing for a denial of service attack if untrusted user inputs are processed. The vulnerability can cause all vulnerable nodes to drop off the network. **Recommendations** For versions prior to 1.9.18, upgrade to v1.9.18 or higher to resolve the issue. As a temporary workaround, consider restricting the use of the `MULMOD` operation with a modulo of `0` to minimize the risk of exploitation.