PT-2026-60695 · Crates.Io · Nimiq-Primitives

CVE-2026-54541

·

Published

2026-07-16

·

Updated

2026-07-16

CVSS v3.1

3.7

Low

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Impact

A malicious peer acting as a state-sync source can crash a syncing node by sending a crafted TrieChunk whose proof contains two TrieProofNodes with identical keys. TrieProof::verify() calls TrieProofNode::child index() (primitives/src/trie/trie proof node.rs:94), which unconditionally unwraps KeyNibbles::get(self.key.len()). Because is prefix of returns true for two equal keys, execution reaches get(len), which returns None, and the unwrap() panics.
The panic is reached from untrusted network input (ResponseChunkcommit chunksput chunkproof.verify()) before any cryptographic proof verification, so the attacker does not need to produce a valid proof. Exploitation requires the attacker to be selected as the victim's sync peer while the victim is performing state sync, and the resulting crash is transient (the node restarts and re-syncs).
Affected: core-rs-albatross <= 1.5.1 (nimiq-primitives).

Patches

Fixed in 1.6.0 via https://github.com/nimiq/core-rs-albatross/pull/3789 (commit 41d35ace). child index now rejects equal-length keys and returns MerkleRadixTrieError::WrongPrefix instead of unwrapping.

Workarounds

None other than syncing only from trusted peers. Upgrade to 1.6.0.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-54541
GHSA-46WQ-28CX-MHW4

Affected Products

Nimiq-Primitives