CVE-2018-19184

Name of the Vulnerable Software and Affected Versions Go Ethereum (aka geth) version 1.8.17

Description The issue allows attackers to cause a denial of service (SEGV) via crafted bytecode. This is related to the cmd/evm/runner.go file in Go Ethereum. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. The technical details about exploitation include the use of crafted bytecode to cause a denial of service.

Recommendations For Go Ethereum (aka geth) version 1.8.17, consider updating to a newer version to mitigate the risk, however, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the execution of crafted bytecode in the cmd/evm/runner.go file to minimize the risk of exploitation.