Johnyangk

**Name of the Vulnerable Software and Affected Versions** Geth versions 1.9.4 through 1.9.20 **Description** A consensus issue could cause a chain split, where vulnerable versions refuse to accept the canonical chain. This occurs due to an incorrect state calculation when processing a particular sequence of transactions. The issue arises from a subtle change in the semantics of `createObject`, which returns a non-nil object with `deleted=true` when the account has been destructed, causing the new object to inherit the old balance. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. **Recommendations** For Geth versions 1.9.4 through 1.9.20, upgrade to version 1.9.20 or a newer version to resolve the issue. As a temporary workaround, consider restricting the use of the vulnerable `createObject` function until a patch is available. Avoid using the `createObject` function with destructed accounts to minimize the risk of exploitation.