PT-2025-5590 · Unknown+1 · Go-Ethereum+1
Iam-Ned
·
Published
2025-01-30
·
Updated
2026-02-19
·
CVE-2025-24883
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
go-ethereum (geth) versions 1.14.0 through 1.14.12
Description
A vulnerable node can be forced to shutdown or crash using a specially crafted message. Approximately 42.99% of geth nodes are still exposed to the issue, with around 18.5% of the total Ethereum network potentially at risk. Node operators are strongly encouraged to upgrade to the latest version to address the issue.
Recommendations
go-ethereum (geth) versions 1.14.0 through 1.14.12: Update to version 1.14.13 to address the issue. Verify compatibility with your existing Ethereum infrastructure and test the update before applying it to your production environment.
Exploit
Fix
DoS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Suse
Go-Ethereum