• Login
Crypto Newsmart
No Result
View All Result
  • HOME
  • BITCOIN
  • CRYPTO UPDATES
    • ALTCOIN
    • ETEREUM
    • NFT’s
    • CRYPTO PRICE ANALYSIS
  • LEARN CRYPTO
  • CRYPTO EXCHANGES
  • BLOCKCHAIN
  • MINING
  • SCAM ALERT
  • PRESS RELEASE
  • HOME
  • BITCOIN
  • CRYPTO UPDATES
    • ALTCOIN
    • ETEREUM
    • NFT’s
    • CRYPTO PRICE ANALYSIS
  • LEARN CRYPTO
  • CRYPTO EXCHANGES
  • BLOCKCHAIN
  • MINING
  • SCAM ALERT
  • PRESS RELEASE
No Result
View All Result
Crypto Newsmart
No Result
View All Result

Bitcoin Core’s New Policy Targets Security for Nodes Running Outdated Software

Giacomo Di Sabato by Giacomo Di Sabato
10 months ago
in Bitcoin, Scam Alert
Reading Time: 3 mins read
25
VIEWS
Share on Facebook
Bitcoin security

Around 6% of Bitcoin nodes are currently operating on outdated software, exposing them to potential security vulnerabilities. To address this, Bitcoin Core has implemented a new disclosure policy aimed at enhancing network security through increased transparency.

Historically, Bitcoin Core developers have disclosed only 10 vulnerabilities that could affect older versions of the Bitcoin client software. A report from Bitcoin Optech reveals that these vulnerabilities, while fixed in recent releases, could have allowed various attacks on nodes running outdated Bitcoin Core versions. This comes as developers introduce a new security disclosure policy to improve transparency and communication between the team and Bitcoin’s public users.

“The project has historically done a poor job at publicly disclosing security-critical bugs, whether externally reported or found by contributors. This has led to a situation where a lot of users perceive Bitcoin Core as never having bugs. This perception is dangerous and, unfortunately, not accurate,” wrote Antoine Poinsot in the Bitcoin Development Mailing List announcement.

Liam Wright of CryptoSlate reports that approximately 787 nodes, or 5.94% of the 14,001 active Bitcoin nodes, are running versions older than 0.21.0, making them vulnerable to certain security risks. The most widespread vulnerability affects versions before 0.21.0, potentially enabling censorship of unconfirmed transactions and causing network splits due to excessive time adjustments.

Other Vulnerabilities

Other notable vulnerabilities include an unbound ban list CPU/memory DoS (CVE-2020-14198) affecting 185 nodes running versions before 0.20.1, and three separate vulnerabilities impacting 182 nodes each in versions prior to 0.20.0. These include memory DoS from large inv-messages, CPU-wasting DoS from malformed requests, and memory-related crashes when parsing BIP72 URIs.

Some of the oldest disclosed vulnerabilities date back to 2015, affecting only a few nodes running such outdated software. These include a remote code execution bug in miniupnpc (CVE-2015-6031) and a node crash DoS from large messages (CVE-2015-3641), impacting 22 and 5 nodes respectively.

The new disclosure system categorizes vulnerabilities into four severity levels and outlines specific timelines for disclosure based on the severity. This initiative aims to set clear expectations for security researchers and incentivize responsible disclosure of vulnerabilities.

While the percentage of vulnerable nodes is not immediately critical, it represents a significant portion of the network that could be exploited. This disclosure highlights the need for better communication and incentives within the Bitcoin community to encourage more frequent software updates and enhance the overall security of the network. Critical bugs will require an ad-hoc procedure.

This gradual adoption will begin with disclosing vulnerabilities fixed in Bitcoin Core versions 0.21.0 and earlier, followed by those fixed in subsequent versions over the coming months. The policy aims to set clear expectations for security researchers and incentivize responsible disclosure.

Disclaimer

The information provided on this website is sourced from independent entities deemed reliable and does not guarantee its timeliness, completeness, or accuracy. is not an investment advisor and does not offer personalized investment or financial advice. Information on this website may change without notice and can become outdated, incomplete, or inaccurate. While we strive to update content, there is no obligation to do so. Cryptonewsmart may incorporate AI-generated content, which is thoroughly reviewed by our editors and writers to ensure factual accuracy, drawing from multiple primary and secondary sources. Investment decisions should not be based solely on information from this website. We strongly recommend consulting a licensed investment advisor or financial professional. Decentral Media, Inc. does not accept compensation for analyzing or reporting on any ICO, IEO, cryptocurrency, or other investment forms.

Related Posts

Crypto phishing scam
Altcoin

Casa CEO Uncovers Sophisticated Scam Preying on High-Value Crypto Holders

23 November 2024
Cryptoqueen” Ruja Ignatova: The Billion-Dollar Scam and Her Elusive Whereabouts
Crypto Updates

Cryptoqueen” Ruja Ignatova: The Billion-Dollar Scam and Her Elusive Whereabouts

23 November 2024
Cryptocurrency market trends
Bitcoin

Cryptocurrency Market Insights: Recent Developments and Future Outlook

17 November 2024
Weekly Crypto Market Update: Major Highlights (October 25–31, 2024)
Bitcoin

Weekly Crypto Market Update: Major Highlights (October 25–31, 2024)

1 November 2024
Crypto Industry This Week: A Changing Landscape Amid Global Tensions
Bitcoin

Crypto Industry This Week: A Changing Landscape Amid Global Tensions

8 October 2024
Most recent developments in the realm of cryptocurrencies
Bitcoin

Most recent developments in the realm of cryptocurrencies

22 September 2024

[convertful id="153816"]

by CurrencyRate.Today
  • Home
  • Disclaimer
  • Privacy Policy
  • Digital Millennium Copyright Act Policy (DMCA)
  • Cookie Privacy Policy
  • Terms and Conditions
  • Contact us
CRYPTO NEWSMART

Copyright © 2021 Crypto Newsmart.

No Result
View All Result
  • HOME
  • BITCOIN
  • CRYPTO UPDATES
    • ALTCOIN
    • ETEREUM
    • NFT’s
    • CRYPTO PRICE ANALYSIS
  • LEARN CRYPTO
  • CRYPTO EXCHANGES
  • BLOCKCHAIN
  • MINING
  • SCAM ALERT
  • PRESS RELEASE

Copyright © 2021 Crypto Newsmart.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Manage Cookie Consent

We use cookies to optimise our website and our service.

Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Preferences
{title} {title} {title}