John Newbery

Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions prior to 0.21.0 Description: The issue allows an attacker to prevent a node from seeing a specific unconfirmed transaction due to mishandled transaction re-requests. Recommendations: For versions prior to 0.21.0, update to version 0.21.0 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions prior to 0.20.0 Description: The issue allows remote attackers to cause a denial of service, specifically through memory consumption, by sending a crafted INV message. Recommendations: For versions prior to 0.20.0, update to version 0.20.0 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions prior to 0.20.0 Description: The issue allows remote attackers to cause a denial of service, resulting in an infinite loop, by sending a malformed `GETDATA` message. This can lead to a node crash. Recommendations: For versions prior to 0.20.0, upgrade to version 0.20.0 or later to resolve the issue. As a temporary workaround, consider restricting or disabling the handling of `GETDATA` messages until a patch is applied.