GHSA-84x2-2qv6-qg56: Nervos CKB P2P DoS Attacks

February 2, 2024

The P2P protocols lack of rate limit. For example, in relay protocol, when a node receives a broadcasted tx_hashes, it will mark it in memory to avoid duplicated requests. code → .

It is easy to establish a DoS attach by generating random tx hashes.

References

github.com/advisories/GHSA-84x2-2qv6-qg56
github.com/nervosnetwork/ckb/commit/c5eb5478b635cea2ccef8676cf97692cd38293c3
github.com/nervosnetwork/ckb/security/advisories/GHSA-84x2-2qv6-qg56

Detect and mitigate GHSA-84x2-2qv6-qg56 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →