|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
開源比特幣核心專案的工作人員負責維護該軟體在超過 98% 的可到達全節點上運行,他們透露,存在一個重大問題
Bitcoin Core developers have disclosed a new, high severity critical denial-of-service (DoS) software bug on one in every six Bitcoin nodes.
比特幣核心開發人員揭露了每六個比特幣節點中就有一個存在新的高嚴重性拒絕服務(DoS)軟體漏洞。
The critical software bug affects all Bitcoin Core software prior to version 24.0.1, which was released on December 12, 2022. This bug could allow a malicious actor to crash Bitcoin full nodes by spamming them with low-difficulty header chains.
該關鍵軟體錯誤影響2022 年12 月12 日發布的24.0.1 版本之前的所有比特幣核心軟體。 。
According to surveillance estimates from Bitnodes, there are approximately 19,200 self-declared user agents of reachable Bitcoin full nodes. Of these nodes, 3,330 are running software that is vulnerable to this DoS attack.
根據 Bitnodes 的監控估計,大約有 19,200 個自稱可存取的比特幣全節點用戶代理程式。在這些節點中,有 3,330 個正在運行容易受到這種 DoS 攻擊的軟體。
This bug was patched in Bitcoin Core pull request (PR) 25717, which was merged into production with the v24.0.1 release. The latest version of Bitcoin Core node software is 27.1, which includes this and other bug fixes.
此錯誤已在 Bitcoin Core Pull Request (PR) 25717 中修復,該請求已隨 v24.0.1 版本合併到生產中。比特幣核心節點軟體的最新版本是 27.1,其中包括此錯誤修復和其他錯誤修復。
While this DoS vulnerability is considered high severity, there have been few known exploits of this bug on the public record. This is likely due to the fact that the attack is quite expensive to generate and broadcast the necessary header chains. Additionally, the attack provides little financial benefit to the attacker.
雖然此 DoS 漏洞被認為是高度嚴重的,但公共記錄中很少有針對此漏洞的已知利用。這可能是因為攻擊生成和廣播必要的標頭鏈的成本相當昂貴。此外,這種攻擊帶給攻擊者的經濟利益微乎其微。
However, this bug does present a security vulnerability that could be exploited by an extremely wealthy, powerful, or sophisticated actor — such as a nation — who may be interested in disrupting the operations of Bitcoin for non-financial or financially-deferred reasons.
然而,這個錯誤確實存在一個安全漏洞,可能會被極其富有、強大或經驗豐富的參與者(例如一個國家)利用,這些參與者可能有興趣出於非財務或財務延遲的原因破壞比特幣的運營。
Bitcoin Core developers began disclosing serious bugs in early June that had been patched for at least 18 months. Initially, they disclosed bugs in Bitcoin Core versions 20 and below, out of a desire to be transparent and to thank developers for their voluntary, responsible disclosures.
Bitcoin Core 開發人員在 6 月初開始揭露嚴重錯誤,這些錯誤已經修補了至少 18 個月。最初,他們披露了比特幣核心版本 20 及以下版本中的錯誤,出於透明的願望並感謝開發人員自願、負責任的披露。
Every few weeks, they disclosed more software bugs, in the interest of transparency and to thank developers for their voluntary, responsible disclosures.
每隔幾週,他們就會揭露更多的軟體錯誤,以提高透明度,並感謝開發人員自願、負責任的揭露。
As the months have passed, however, the Bitcoin Core Project has disclosed bugs affecting more and more recent software versions. Thursday’s disclosure highlights significant risks to Bitcoin Core software versions 24 and prior, including software as recent as May 18, 2023.
然而,幾個月過去了,比特幣核心專案披露了影響越來越多最新軟體版本的錯誤。週四的披露強調了比特幣核心軟體版本 24 及之前的重大風險,包括最近到 2023 年 5 月 18 日的軟體。
Many observers initially dismissed the historical bug transparency roll-out as a historical curiosity, but it is quickly having a present-day impact. Unless Bitcoin node operators update their software, up to 17% of the network could be at risk of a DoS attack.
許多觀察家最初將歷史性錯誤透明度的推出視為一種歷史好奇心,但它很快就產生了當今的影響。除非比特幣節點業者更新其軟體,否則高達 17% 的網路可能面臨 DoS 攻擊的風險。
免責聲明:info@kdj.com
所提供的資訊並非交易建議。 kDJ.com對任何基於本文提供的資訊進行的投資不承擔任何責任。加密貨幣波動性較大,建議您充分研究後謹慎投資!
如果您認為本網站使用的內容侵犯了您的版權,請立即聯絡我們(info@kdj.com),我們將及時刪除。
-
- 代幣解鎖:您需要了解的內容
- 2024-09-20 20:40:02
- 代幣解鎖是加密貨幣領域中反覆發生的事件。阻止它們幾乎是不可能的。一般來說,令牌解鎖是每個加密貨幣的一部分
-
- Kabosu 贏得了我們的心並創立了 Atsuko Sato Meta
- 2024-09-20 20:35:05
- 總督社區的許多人哀悼卡博甦的去世,並透過表情包和衷心的信息表達敬意。 Kabosu部落格收集了Kabosu生活中的感人時刻。
-
- 中本聰時代比特幣 (BTC) 礦工錢包休眠 15.5 年開始轉移 BTC
- 2024-09-20 20:35:05
- 據鏈上追蹤公司 Lookonchain 稱,這些比特幣礦工錢包在 2009 年獲得了每個區塊 50 BTC 作為挖礦獎勵。
-
- 奪取泰坦:主宰 $SFM 空投場景
- 2024-09-20 20:30:01
- Airdrop Mavericks:Blaze Your SAFEMOON Claiming Trail ARB Buff Follow - 聆聽分享領取 $SFM 代幣空投的分步指南
-
- $SEI 空投狂潮 — 快行動!
- 2024-09-20 20:30:01
- $SEI 空投領取 — 完整指南
-
- Jupiter Token (JUP) 24 小時內飆升近 13%,達到 0.8864 美元,成為頭條新聞
- 2024-09-20 20:30:01
- JUP 價格的上漲是在 Jupiter 交易所最近宣布收購後發生的。在周五的 Solana Breakpoint 活動上,聯合創始人 Siong Ong 透露,Jupiter 已收購區塊鏈瀏覽器 SolanaFM。
-
- 1inch crypto推出Fusion+,這是其生態系統的重大升級
- 2024-09-20 20:30:01
- 1inch 代幣對其生態系統進行了重大升級:Fusion+。它繼承了其前身的遺產,並在以下方面進行了改進
-
- 馬龍林 (Malone Lam) 和讓迪爾塞拉諾 (Jeandiel Serrano) 因利用被盜比特幣洗錢 2.3 億美元而被捕
- 2024-09-20 20:30:01
- 聯邦調查局 (FBI) 逮捕了兩名涉嫌盜竊和洗錢超過 2.3 億美元比特幣 (BTC) 的人
-
- 超級川普幣 (STRUMP) 每週上漲 18.99%,由唐納德·川普相關新聞和市場情緒提供
- 2024-09-20 20:30:01
- 超級川普幣(STRUMP)幾週來一直在 0.007431 美元至 0.004837 美元之間的盤整區間內交易。