| 1 | +--- |
| 2 | +title: Disclosure of netsplit due to malicious P2P messages by first 200 peers (≤ version 0.20.1) |
| 3 | +name: blog-disclose-timestamp-overflow |
| 4 | +id: en-blog-disclose-timestamp-overflow |
| 5 | +lang: en |
| 6 | +type: advisory |
| 7 | +layout: post |
| 8 | + |
| 9 | +## If this is a new post, reset this counter to 1. |
| 10 | +version: 1 |
| 11 | + |
| 12 | +## Only true if release announcement or security annoucement. English posts only |
| 13 | +announcement: 1 |
| 14 | + |
| 15 | +excerpt: > |
| 16 | + Disclosure of the details of an integer overflow bug which risked causing a network split. |
| 17 | +--- |
| 18 | + |
| 19 | +Disclosure of the details of an integer overflow bug which risked causing a network split, a fix for |
| 20 | +which was released on January 15th, 2021 in Bitcoin Core version 0.21.0. |
| 21 | + |
| 22 | +This issue is considered **Medium** severity. |
| 23 | + |
| 24 | +## Technical details |
| 25 | + |
| 26 | +A network split vulnerability resulted from two separate bugs in the processing code of `version` |
| 27 | +messages: |
| 28 | +* Signed-integer overflow when calculating the time offset for newly connecting peers. |
| 29 | +* abs64 logic bug (`abs64(std::numeric_limits<int64_t>::min()) == |
| 30 | + std::numeric_limits<int64_t>::min()`), resulting in a bypass of the maximum time adjustment limit. |
| 31 | + |
| 32 | +The two bugs allow an attacker to force a victims adjusted time (`system time + network time |
| 33 | +offset`) to be skewed such that any new blocks are rejected for having a timestamp that is dated too |
| 34 | +far in the future. It should be noted that this attack assumes the attacker is among the first 200 |
| 35 | +peers to connect to the victim, as only the time offsets from those initial connections are factored |
| 36 | +into adjusted time. |
| 37 | + |
| 38 | +## Attribution |
| 39 | + |
| 40 | +Credit goes to [practicalswift](https://github.com/practicalswift) for discovering and providing the |
| 41 | +initial fix for the vulnerability, and Pieter Wuille for the fix as well as general cleanup to the |
| 42 | +at-risk code. |
| 43 | + |
| 44 | +## Timeline |
| 45 | + |
| 46 | +* 2020-10-10 Initial report send to security@bitcoincore.org |
| 47 | +* 2020-10-13 Fix merged into Bitcoin Core (https://github.com/bitcoin/bitcoin/pull/20141) |
| 48 | +* 2021-01-15 v0.21.0 released |
| 49 | +* 2022-04-25 The last vulnerable Bitcoin Core version (0.20.x) goes EOL |
| 50 | +* 2024-07-03 Public disclosure |
| 51 | + |
| 52 | +{% include references.md %} |
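Review bot: Three wording defects in the new file should be fixed before this ships as a published advisory: the front-matter comment `## Only true if release announcement or security annoucement.` misspells "announcement"; `The two bugs allow an attacker to force a victims adjusted time` needs the possessive "victim's"; and the timeline entry `2020-10-10 Initial report send to security@bitcoincore.org` should read "sent". Beyond typos, the Technical details section names the two root causes (the signed-integer overflow in the time-offset calculation and `abs64(std::numeric_limits<int64_t>::min()) == std::numeric_limits<int64_t>::min()` bypassing the maximum time adjustment limit) but never points at the fix itself; the PR link https://github.com/bitcoin/bitcoin/pull/20141 appears only in the timeline, so consider referencing it from the Technical details or Attribution text so a reader auditing the at-risk code can find the patch directly. Finally, the title says "≤ version 0.20.1" while the timeline says the last vulnerable line is "0.20.x"; stating the affected range once, consistently, would avoid readers wondering whether any 0.20.x release after 0.20.1 was patched.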