PT-2020-18392 · Tendermint · Tendermint

Published: 2020-04-10 · Updated: 2021-05-27 · CVE-2020-5303

CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Tendermint versions prior to 0.33.3
Tendermint versions prior to 0.32.10
Tendermint versions prior to 0.31.12

Description

Tendermint has a denial-of-service vulnerability because it does not limit the number of P2P connection requests, which can lead to temporary memory spikes and out-of-memory (OOM) exceptions. Additionally, Tendermint does not reclaim the activeID of a peer after the peer is removed in the Mempool reactor, so memory use keeps growing. An attacker can create a large number of connection attempts, which can lead to the node panicking. The activeIDs map has a maximum size of 65535, and the node will panic if the map reaches that maximum.

Recommendations

For versions prior to 0.33.3, update to version 0.33.3 or later to fix the issue.
For versions prior to 0.32.10, update to version 0.32.10 or later to fix the issue.
For versions prior to 0.31.12, update to version 0.31.12 or later to fix the issue.

As a temporary workaround, consider limiting the number of incoming P2P connections to prevent memory spikes. Restrict access to the Mempool reactor to minimize the risk of exploitation.
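
The activeIDs exhaustion from the description, as an added example that is not Tendermint's code: it models an ID allocator with and without reclaiming IDs on peer removal. The `idPool` type, its methods and `churn` are hypothetical names, and the model returns an error where the advisory says the node panics.

```go
package main

import "fmt"

const maxActiveIDs = 65535 // size limit of the activeIDs map, per the advisory
var errExhausted = fmt.Errorf("activeIDs map full") // the advisory's panic condition

// idPool is a hypothetical, simplified peer-ID allocator (not Tendermint's code).
type idPool struct {
	next    uint16
	active  map[uint16]struct{}
	reclaim bool // false: affected behaviour; true: ID freed when the peer is removed
}

func (p *idPool) Reserve() (uint16, error) {
	if len(p.active) >= maxActiveIDs {
		return 0, errExhausted
	}
	for _, used := p.active[p.next]; used; _, used = p.active[p.next] {
		p.next++ // uint16 wraps to 0; a free ID always exists below the limit
	}
	p.active[p.next] = struct{}{}
	p.next++
	return p.next - 1, nil
}

func (p *idPool) Remove(id uint16) {
	if p.reclaim { // only the fixed variant frees the ID when a peer disconnects
		delete(p.active, id)
	}
}

// churn connects and disconnects n peers in turn; it returns IDs still held and the first error.
func churn(reclaim bool, n int) (int, error) {
	p := &idPool{active: map[uint16]struct{}{}, reclaim: reclaim}
	for i := 0; i < n; i++ {
		id, err := p.Reserve()
		if err != nil {
			return len(p.active), err
		}
		p.Remove(id)
	}
	return len(p.active), nil
}

func main() {
	fmt.Println(churn(false, 70000)) // constructed run, affected model
	fmt.Println(churn(true, 70000))  // constructed run, fixed model
}
```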

Fix

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2020-5303
GHSA-V24H-PJJV-MCP6

Affected Products

Tendermint