CVE-2020-26240: Incorrect Calculation

November 25, 2020 (updated December 3, 2020)

Go Ethereum, or “Geth”, is the official Golang implementation of the Ethereum protocol. An ethash mining DAG generation flaw in Geth could cause miners to erroneously calculate PoW in an upcoming epoch. This happened on the ETC chain on . This issue is relevant only for miners, non-mining nodes are unaffected.

References

blog.ethereum.org/2020/11/12/geth_security_release/
nvd.nist.gov/vuln/detail/CVE-2020-26240

Code Behaviors & Features

Detect and mitigate CVE-2020-26240 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →