Integer Overflow Bug in Bitcoin Core v22.0
Details of an integer overflow bug that caused an assertion crash were disclosed, with a fix released in Bitcoin Core version v22.0 on September 14, 2021. This issue is considered High severity.
Overview of the Bug
The integer overflow bug was found in the CAddrMan module of Bitcoin Core. Within this module, there is a 32-bit field called nIdCount that is used as an identifier for new entries. Each time an address is inserted, this field is incremented. However, if an attacker manages to insert 2^32 entries (e.g., by sending messages to spam addresses), the identifier overflows, leading to an assertion crash.
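The overflow described above, as a simplified model (an added example, not Bitcoin Core's code): a 32-bit counter hands out entry ids, the unchecked insert path reuses an id after the counter wraps, and the checked path refuses the insertion instead. The class, the uniqueness invariant and the exhaustion check are assumptions for illustration and are not the fix that was merged; the counter is unsigned so the wrap is well-defined, and it starts near the limit rather than performing 2^32 insertions.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>
#include <string>
#include <unordered_map>

// Simplified model of an address table with a 32-bit id counter.
// All names are hypothetical; this is not Bitcoin Core's CAddrMan code.
enum class Insert { Ok, Rejected, InvariantBroken };

class AddrTable {
    uint32_t next_id_;
    std::unordered_map<uint32_t, std::string> entries_;
public:
    // start_id lets the demo begin near the limit instead of doing 2^32 inserts.
    explicit AddrTable(uint32_t start_id) : next_id_(start_id) {
        entries_[0] = "constructed-early-entry";  // long-lived entry holding id 0
    }
    // Unchecked: the counter wraps at 2^32 and hands out an id already in use.
    // InvariantBroken marks the point where an assert() would abort the process.
    Insert insert_unchecked(const std::string& addr) {
        uint32_t id = next_id_++;  // unsigned wraparound is well-defined
        if (entries_.count(id)) return Insert::InvariantBroken;
        entries_[id] = addr;
        return Insert::Ok;
    }
    // Checked: refuse new entries once the id space is exhausted, so the
    // counter never wraps and the uniqueness invariant always holds.
    Insert insert_checked(const std::string& addr) {
        if (next_id_ == std::numeric_limits<uint32_t>::max()) return Insert::Rejected;
        entries_[next_id_++] = addr;
        return Insert::Ok;
    }
};

// Insert three constructed addresses starting two ids below the limit and
// return the result of the last insertion.
Insert last_result(bool checked) {
    AddrTable t(std::numeric_limits<uint32_t>::max() - 1);
    const char* addrs[] = {"addr-a", "addr-b", "addr-c"};  // constructed sample input
    Insert r = Insert::Ok;
    for (const char* a : addrs)
        r = checked ? t.insert_checked(a) : t.insert_unchecked(a);
    return r;
}

int main() {
    std::printf("unchecked: %d, checked: %d\n", static_cast<int>(last_result(false)),
                static_cast<int>(last_result(true)));
}
```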
Discovery and Fix
The vulnerability was discovered and disclosed by Eugene Siegel. Pieter Wuille was credited with fixing the bug promptly. Eugene Siegel reported the issue to security@bitcoincore.org on June 21, 2021. The fixes were merged on July 19, 2021, and the updated Bitcoin Core version v22.0 was released on September 13, 2021. The public disclosure of the bug was made on July 31, 2024.
Importance of Timely Updates
It is crucial for users of Bitcoin Core and other cryptocurrency software to ensure they are using the latest versions. Timely updates help protect against known vulnerabilities and bugs, reducing the risk of exploitation by malicious actors. In the case of the integer overflow bug in Bitcoin Core v22.0, prompt action by the development team prevented potential crashes and maintained the security of the network.