The Bitcoin Development Podcast

Discussing Pre-22.0 Bitcoin Core Vulnerability Disclosures

July 31, 2024·24 min
Episode Description from the Publisher

Brink engineers Gloria Zhao and Niklas Gögge talk through the recently disclosed Bitcoin Core pre-22.0 vulnerabilities. This continues our previous discussion in Episode 4 on pre-0.21.0 Bitcoin Core Vulnerabilities. (0:00) - Introduction (1:07) - Background on Bitcoin peer-to-peer address relay (4:30) - Bitcoin Core’s AddrMan (address manager) data structure (5:37) - Disclosure of remote crash due to addr message spam (8:51) - Address spamming observed on the network (10:57) - Bitcoin Core #22387 PR to fix addr message spam (13:46) - Background on Miniupnp, the UPnP library used by Bitcoin Core (15:18) - The bug in Miniupnpc (16:33) - Disclosure of the impact of an infinite loop bug in the miniupnp dependency (17:50) - Bitcoin Core #20421 PR to fix the infinite loop bug in the miniupnp dependency (18:46) - Lessons learned

Podzilla Summary coming soon

Sign up to get notified when the full AI-powered summary is ready.

Get Free Summaries →

Free forever for up to 3 podcasts. No credit card required.

Listen to This Episode

Apple Podcasts

More from The Bitcoin Development Podcast

Discussing Pre-25.0 Bitcoin Core Vulnerability Disclosures

October 10, 2024·1h 5m

Discussing Pre-0.21.0 Bitcoin Core Vulnerability Disclosures

July 11, 2024·51 min

Sebastian Falbesoner on Code Review and BIP324

September 6, 2023·43 min

Mempool Ancestors and Descendants

November 24, 2021·19 min
View all episodes →

Get summaries like this every morning.

Free AI-powered recaps of The Bitcoin Development Podcast and your other favorite podcasts, delivered to your inbox.

Get Free Summaries →

Free forever for up to 3 podcasts. No credit card required.