Unknown · Lightning Network Daemon · CVE-2022-39389
**Name of the Vulnerable Software and Affected Versions**
Lightning Network Daemon (lnd) versions prior to 0.15.4
**Description**
A block parsing bug can cause a node to enter a degraded state. In this state, a node can continue to make payments, forward HTLCs, and close out channels, but opening channels is prohibited and on-chain transaction events go undetected. This can lead to loss of funds if a CSV expiry is reached during a breach attempt or a CLTV delta expires, forfeiting the funds in the HTLC.
**Recommendations**
For versions prior to 0.15.4, upgrade to version 0.15.4 or later to resolve the issue.
As a temporary workaround for users unable to upgrade, use the `lncli updatechanpolicy` RPC call to increase the `CLTV` value to a very high amount or increase fee policies, preventing nodes from routing through your node and minimizing the risk of exploitation.
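
The script below is an added example, not code from the advisory or the lnd project: it classifies a node's version string against the 0.15.4 fix and, for affected nodes, prints the `lncli updatechanpolicy` workaround for review instead of running it. The function names and the three policy values are assumptions chosen for illustration; the `"version"` field is read from `lncli getinfo` output.

```shell
#!/bin/sh
# Added example (not lnd project code): triage a node against CVE-2022-39389.
FIXED="0.15.4"   # first fixed release, per the advisory
# Illustrative policy values (assumptions); pick numbers that suit your node.
BASE_FEE_MSAT="${BASE_FEE_MSAT:-100000000}"
FEE_RATE="${FEE_RATE:-0.5}"
TIME_LOCK_DELTA="${TIME_LOCK_DELTA:-1000}"

# Reduce "0.15.3-beta commit=v0.15.3-beta" to "0.15.3"; suffixes are ignored.
core_version() {
    printf '%s\n' "$1" |
        sed -n 's/^v\{0,1\}\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Status: 0 = older than FIXED (affected), 1 = not older, 2 = unparseable.
is_affected() {
    v=$(core_version "$1")
    [ -n "$v" ] || return 2
    old_ifs=$IFS; IFS=.
    set -- $v $FIXED   # $1..$3 = node version, $4..$6 = fixed version
    IFS=$old_ifs
    [ "$1" -lt "$4" ] && return 0; [ "$1" -gt "$4" ] && return 1
    [ "$2" -lt "$5" ] && return 0; [ "$2" -gt "$5" ] && return 1
    [ "$3" -lt "$6" ] && return 0
    return 1
}

# Print (never run) the advisory's workaround so an operator can review it.
# With no channel point given, the policy applies to all channels.
workaround_cmd() {
    printf 'lncli updatechanpolicy --base_fee_msat %s --fee_rate %s --time_lock_delta %s\n' \
        "$BASE_FEE_MSAT" "$FEE_RATE" "$TIME_LOCK_DELTA"
}

triage() {
    rc=0; is_affected "$1" || rc=$?
    case $rc in
        0) echo "AFFECTED ($1): upgrade to $FIXED or later; interim workaround:"
           workaround_cmd ;;
        1) echo "OK ($1): at or above $FIXED" ;;
        *) echo "UNKNOWN: could not parse version '$1'; check manually" ;;
    esac
}

# If lncli is installed, read the running node's version from `lncli getinfo`.
if command -v lncli >/dev/null 2>&1; then
    triage "$(lncli getinfo | sed -n 's/.*"version": *"\([^"]*\)".*/\1/p')"
fi
```

An unparseable or empty version (for example when `lncli getinfo` fails) is reported as UNKNOWN rather than OK, so a node that cannot be queried is not silently treated as patched.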