CVE-2021-39137

Summary

go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum (Geth) could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Further details about the vulnerability will be disclosed at a later date. A patch is included in the upcoming v1.10.8 release. No workaround are available.

Affected Software

VendorProductVersion RangeStatus
ethereumgo-ethereum>= 1.10.0, < 1.10.8affected

Weaknesses

  • CWE-436: CWE-436: Interpretation Conflict

ADP Enrichment

CVE Program Container

Additional References

References