Bitcoin Developers Fix Critical Software Bug Affecting Over 13% of Nodes
Recently, Bitcoin developers uncovered a critical software flaw that impacted more than 13% of the nodes enforcing the network's policies. The issue affects nodes running versions of Bitcoin Core earlier than 25.0. According to reports from Protos, these nodes are vulnerable to remote shutdown attacks due to how the software handles specific procedures.
Exploiting Protocol Conflicts to Crash Nodes
The vulnerability could allow a hacker to manipulate a node and cause it to crash. The flaw stemmed from the Compact Block Protocol, which uses shortened transaction IDs to reduce bandwidth usage. While this protocol is efficient, it also lets attackers create conflicts that force the targeted node to request a full block, potentially leading to a crash.
Niklas Gögge discovered and reported the vulnerability, ensuring it was fixed. The patch was included in Bitcoin Core Version 25.0, released in May 2023. However, many nodes had not yet updated, leaving them exposed to the vulnerability.
Low Financial Gain, High Risk for Network Disruption
Although the flaw doesn't offer significant financial incentives for individual hackers, organizations such as governments or corporations that want to disrupt the Bitcoin network could exploit it by targeting all affected nodes simultaneously, increasing the likelihood of crashes across the network.
This vulnerability aligns with a broader trend where engineers continue to find major security flaws in earlier versions of Bitcoin Core. Node operators must manually download and apply new versions since Bitcoin Core doesn't auto-update. Nodes running outdated software remain vulnerable to these types of Denial-of-Service (DoS) attacks.
13.7% of Bitcoin Nodes Still at Risk
Currently, around 13.7% of Bitcoin nodes are still exposed to this vulnerability. To protect against such security threats, Bitcoin developers strongly urge node operators to update to the latest version of Bitcoin Core.
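One way for an operator to check their own nodes against the fixed release, as an added example that is not from the article or the Bitcoin Core project: it reads the `subversion` field that the `getnetworkinfo` RPC returns on each node and flags anything older than 25.0. The host names and sample replies are constructed, and the user agent is self-reported, so an `unknown` result needs a manual check.

```python
import json
import re

FIXED = (25, 0)  # fixed release named in the article: Bitcoin Core 25.0

# Bitcoin Core's user agent: "/Satoshi:<version>/", optionally with "(comment)".
CORE_UA = re.compile(r"^/Satoshi:(\d+(?:\.\d+)*)(?:\([^)]*\))?/$")


def classify(subversion):
    """Return 'outdated', 'fixed' or 'unknown' for one user-agent string."""
    match = CORE_UA.match(subversion or "")
    if not match:
        # Another client, a fork, or a missing field: review by hand.
        return "unknown"
    version = tuple(int(part) for part in match.group(1).split("."))
    version += (0,) * max(0, len(FIXED) - len(version))  # "25" -> (25, 0)
    return "fixed" if version >= FIXED else "outdated"


def audit(fleet_json):
    """Group hosts by status; input is JSON text {host: getnetworkinfo output}."""
    report = {"outdated": [], "fixed": [], "unknown": []}
    for host, info in sorted(json.loads(fleet_json).items()):
        report[classify(info.get("subversion"))].append(host)
    known = len(report["outdated"]) + len(report["fixed"])
    share = round(100 * len(report["outdated"]) / known, 1) if known else 0.0
    return report, share


# Constructed sample: only the "subversion" field of each reply is kept.
SAMPLE_FLEET = json.dumps({
    "node-a": {"subversion": "/Satoshi:24.0.1/"},
    "node-b": {"subversion": "/Satoshi:25.0.0/"},
    "node-c": {"subversion": "/Satoshi:0.21.1/"},
    "node-d": {"subversion": "/Satoshi:28.0.0(ops)/"},
    "node-e": {"subversion": "/ExampleClient:1.0/"},  # hypothetical non-Core agent
})

if __name__ == "__main__":
    report, share = audit(SAMPLE_FLEET)
    for status, hosts in report.items():
        print(f"{status:8} {', '.join(hosts) or '-'}")
    print(f"outdated share of Bitcoin Core nodes: {share}%")
```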
The developers continually work to improve the system’s security and stability to safeguard the network. Recently, Bitcoin Core Version 28.0 was released to fix another vulnerability found in September. This upgrade further enhances security, improves user privacy, and boosts overall network safety.
As of writing this article, Bitcoin (BTC) is trading at approximately $62,804.68, reflecting a slight increase of 0.36% over the last 24 hours.