PT-2019-9744 · Lux · Lux
Published
2019-11-05
·
Updated
2019-11-06
·
CVE-2018-19159
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
lux versions through 5.2.2
Description
The issue allows a remote denial of service, which can be exploited by an attacker who acquires a small amount of stake or coins in the system. The attacker can send invalid headers or blocks, which are then stored on the victim's disk.
Recommendations
For versions through 5.2.2, as a temporary workaround, consider restricting the storage of invalid headers or blocks to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Lux