CVE-2017-12842
N/A
N/A
Summary
Bitcoin Core before 0.14 allows an attacker to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur. Completing the attack would cost more than a million dollars, and is relevant mainly only in situations where an autonomous system relies solely on an SPV proof for transactions of a greater dollar amount.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures
- https://bitslog.wordpress.com/2018/06/09/leaf-node-weakness-in-bitcoin-merkle-tree-design/
- https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-February/016697.html
References
- https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures
- https://bitslog.wordpress.com/2018/06/09/leaf-node-weakness-in-bitcoin-merkle-tree-design/
- https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-February/016697.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.