Brink engineers Gloria Zhao and Niklas Gögge talk through the recently disclosed Bitcoin Core pre-22.0 vulnerabilities.
This continues our previous discussion in Episode 4 on pre-0.21.0 Bitcoin Core Vulnerabilities.
- (0:00) - Introduction
- (1:07) - Background on Bitcoin peer-to-peer address relay
- (4:30) - Bitcoin Core’s AddrMan (address manager) data structure
- (5:37) - Disclosure of remote crash due to addr message spam
- (8:51) - Address spamming observed on the network
- (10:57) - Bitcoin Core #22387 PR to fix addr message spam
- (13:46) - Background on Miniupnp, the UPnP library used by Bitcoin Core
- (15:18) - The bug in Miniupnpc
- (16:33) - Disclosure of the impact of an infinite loop bug in the miniupnp dependency
- (17:50) - Bitcoin Core #20421 PR to fix the infinite loop bug in the miniupnp dependency
- (18:46) - Lessons learned
정보
- 프로그램
- 주기격주 업데이트
- 발행일2024년 7월 31일 오후 7:25 UTC
- 길이24분
- 등급전체 연령 사용가