Bitcoin Core developers have released a fix for a long-standing vulnerability that could have allowed an attacker to remotely crash nodes across the network. The flaw, tracked as CVE-2024-52911, is a use-after-free bug in the parallel script-validation code that has existed in the codebase since version 0.14.0.
While the cost of exploitation is high (it requires a specially crafted block carrying valid proof-of-work), the bug represents a significant risk to the availability of the Bitcoin network.
The vulnerability lies within the way Bitcoin Core validates transactions in parallel. To speed up the process, script validation is dispatched to background threads using objects called CScriptCheck. These objects rely on pre-calculated information stored in PrecomputedTransactionData.
The technical root of the issue is a classic C++ lifetime error involving the order in which local objects are destroyed:
- Pointer reliance: CScriptCheck stores a pointer to the precomputed data rather than a copy of it, so the data must stay alive for as long as any background thread may still be executing the check.
- Destruction order: In C++, local objects are destroyed in the reverse order of their construction. Bitcoin Core constructed the control object (CCheckQueueControl), whose destructor is what waits for the outstanding checks, before the precomputed data. That means the precomputed data was always destroyed first, while the control object (and the threads it waits on) outlived it.
- The early-return trap: Consequently, on any code path that left the validation function before explicitly waiting for the queue, the precomputed data was freed while background threads could still be running checks against it.
For a normal, valid block this is not a problem, because the code explicitly waits for all checks to finish before returning, so nothing is still running when the data is destroyed. However, if a separate check fails and triggers an early return, the explicit wait is skipped; the data is destroyed first, and the control object's destructor then waits on threads that may read the data after it has been freed, leading to a node crash.
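The destruction-order bug, reduced to a small single-threaded model as an added example (this is not Bitcoin Core's code; the class and function names PrecomputedTxData, ScriptCheck, CheckQueueControl, ConnectBlockVulnerable and ConnectBlockFixed are hypothetical stand-ins). The real CCheckQueueControl hands checks to worker threads; here the control object simply defers the checks and runs them in Wait(), which its destructor calls, so the sequencing is identical. To keep the demonstration free of undefined behaviour, a check does not dereference a dangling pointer; it consults a registry of live data objects and counts the access as dangling instead.

```cpp
#include <set>
#include <string>
#include <utility>
#include <vector>

// Stand-in for PrecomputedTransactionData. A registry of live objects lets a
// check detect a dangling pointer without touching freed memory.
struct PrecomputedTxData {
    static std::set<const PrecomputedTxData*>& live() {
        static std::set<const PrecomputedTxData*> s;
        return s;
    }
    std::string hash_prevouts;  // hypothetical cached field
    explicit PrecomputedTxData(std::string h) : hash_prevouts(std::move(h)) { live().insert(this); }
    ~PrecomputedTxData() { live().erase(this); }
    PrecomputedTxData(const PrecomputedTxData&) = delete;
    PrecomputedTxData& operator=(const PrecomputedTxData&) = delete;
};

struct Outcome {
    int checks_run = 0;  // how many checks executed
    int dangling = 0;    // how many executed after their data was destroyed
    bool valid = false;  // what the block validation returned
};

// Stand-in for CScriptCheck: it holds a pointer, not a copy of the data.
struct ScriptCheck {
    const PrecomputedTxData* txdata;
    void operator()(Outcome& out) const {
        ++out.checks_run;
        if (!PrecomputedTxData::live().count(txdata)) { ++out.dangling; return; }
        (void)txdata->hash_prevouts.size();  // safe: the object is still alive
    }
};

// Stand-in for CCheckQueueControl: checks are deferred until Wait(), and the
// destructor calls Wait() so nothing is left pending when it goes out of scope.
class CheckQueueControl {
    std::vector<ScriptCheck> pending_;
    Outcome* out_;
    bool done_ = false;
public:
    explicit CheckQueueControl(Outcome* out) : out_(out) {}
    void Add(ScriptCheck c) { pending_.push_back(c); }
    void Wait() {
        if (done_) return;
        done_ = true;
        for (const auto& c : pending_) c(*out_);
    }
    ~CheckQueueControl() { Wait(); }
};

// Vulnerable order: the control is constructed first, so it is destroyed last.
// On the early-return path txdata dies first and the deferred checks run on a
// dangling pointer from the control's destructor.
Outcome ConnectBlockVulnerable(bool unrelated_check_fails) {
    Outcome out;
    auto connect = [&]() -> bool {
        CheckQueueControl control(&out);
        PrecomputedTxData txdata("constructed-hash");  // constructed sample data
        control.Add(ScriptCheck{&txdata});
        control.Add(ScriptCheck{&txdata});
        if (unrelated_check_fails) return false;  // early return skips the explicit wait
        control.Wait();
        return true;
    };
    out.valid = connect();
    return out;
}

// Fixed order: txdata is constructed before the control, so the control (and
// the checks it waits for) is destroyed first, while txdata is still alive.
Outcome ConnectBlockFixed(bool unrelated_check_fails) {
    Outcome out;
    auto connect = [&]() -> bool {
        PrecomputedTxData txdata("constructed-hash");  // constructed sample data
        CheckQueueControl control(&out);
        control.Add(ScriptCheck{&txdata});
        control.Add(ScriptCheck{&txdata});
        if (unrelated_check_fails) return false;
        control.Wait();
        return true;
    };
    out.valid = connect();
    return out;
}
```

Calling ConnectBlockVulnerable(false) runs both checks while the data is alive; ConnectBlockVulnerable(true) runs them from the control's destructor after the data is gone, which is the use-after-free. ConnectBlockFixed(true) reorders the two declarations and nothing else, and the dangling count drops to zero.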
The Bitcoin Core team has classified this as a High severity issue.
“An attacker capable of mining a block with sufficient proof-of-work could have exploited this to crash victim nodes,” the advisory explains.
While use-after-free bugs can in principle lead to remote code execution (RCE), researchers note that the strict constraints on what block data can contain make such an outcome unlikely in this specific case. The practical threat is a targeted denial of service: crashing the nodes of specific exchanges or mining pools, or disrupting network stability more broadly.
Node operators are strongly encouraged to upgrade to Bitcoin Core 29.0 or later. Because the exploit requires a block with valid proof-of-work at the current tip, it is an expensive attack to execute, but the patch is essential for long-term network resilience.