Bitcoin Core, the open-source software that forms the basis of the entire Bitcoin network suffers from a major bug that if exploited can collapse the entire network. Bitcoin developers silently fixed this critical bug and kept all the details of the bug secret until its fix. Moreover, the vulnerability could have affected other minor cryptocurrencies as well.
The developers announced the vulnerability on the Bitcoin Core Project’s official Twitter handle.
The bug was "Denial-of-Service" (DoS), which resides in the Bitcoin Core, and exploiting this vulnerability could have rendered all digital coins on the entire network useless. While DoS flaws may not appear significantly dangerous in themselves, this DoS flaw was potential harm in itself.
According to the report, an anonymous user originally filed a report about the denial-of-service bug to top developers of Bitcoin Core and Bitcoin ABC, the main software implementation of bitcoin cash. About two hours later, Chaincode engineer and Bitcoin Core developer Matt Corallo realized the bug could have been exploited to print unlimited bitcoin.
Explaining this DoS vulnerability (CVE-2018-17144), the Bitcoin Core team said in the security advisory,
The developers announced the vulnerability on the Bitcoin Core Project’s official Twitter handle.
Bitcoin Core 0.16.3 was released: https://t.co/SsbsJsqSTo— Bitcoin Core Project (@bitcoincoreorg) September 18, 2018
Upgrade recommended due to vulnerability fix
According to the report, an anonymous user originally filed a report about the denial-of-service bug to top developers of Bitcoin Core and Bitcoin ABC, the main software implementation of bitcoin cash. About two hours later, Chaincode engineer and Bitcoin Core developer Matt Corallo realized the bug could have been exploited to print unlimited bitcoin.
Explaining this DoS vulnerability (CVE-2018-17144), the Bitcoin Core team said in the security advisory,
It was discovered that older versions of Bitcoin Core will crash if they try to process a block containing a transaction that attempts to spend the same input twice. Such blocks are invalid, so they can only be created by a miner willing to sacrifice their allowed income for creating a block of at least 12.5 BTC.”The bug affected all Bitcoin Core versions from 0.14.0 to 0.16.2. However, the developers have fixed the vulnerability in the latest 0.16.3 version. All users should thus upgrade their Bitcoin Core software at the earliest to nullify the bug.