PT-2019-9749 · Stratis · Stratis

Published

2019-11-05

Updated

2019-11-06

CVE-2018-19163

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions stratisX versions through 2.0.0.5

Description The issue allows a remote denial of service, which can be exploited by an attacker who acquires a small amount of stake or coins in the system. The attacker can send invalid headers or blocks, which are then stored on the victim's disk.

Recommendations For versions through 2.0.0.5, as a temporary workaround, consider restricting the storage of invalid headers or blocks to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

CVE-2018-19163

Affected Products

Stratis

PT-2019-9749 · Stratis · Stratis

CVE-2018-19163

Weakness Enumeration

Related Identifiers

Affected Products

References · 4