CVE-2024-58133

Name of the Vulnerable Software and Affected Versions ChainMaker versions prior to 2.4.0

Description The issue arises from concurrent writes to a map by logger.go when a node's configuration file is frequently updated and the node is restarted. This can lead to a read-write conflict, resulting in a panic. Creating other logs simultaneously exacerbates the problem.

Recommendations For versions prior to 2.4.0, update to version 2.4.0 or later to resolve the issue. As a temporary workaround, consider restricting concurrent updates to a node's configuration file and restarting the node to minimize the risk of exploitation. Avoid making frequent updates to the configuration file while the node is running to reduce the likelihood of a read-write conflict.