Описание
RLPx 5 has two CTR streams based on the same key, IV, and nonce. This can facilitate decryption on a private network.
RLPx 5 has two CTR streams based on the same key, IV, and nonce. This can facilitate decryption on a private network.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-20112
- https://github.com/ethereum/devp2p/issues/32
- https://github.com/ethereum/go-ethereum/issues/1315
- https://github.com/hyperledger/besu/issues/7926
- https://github.com/LaurentMT/go-ethereum/commit/e8cba7283b57280b1bcf5761478f852398365901
- https://github.com/ethereum/devp2p/blob/master/rlpx.md#known-issues-in-the-current-version
Связанные уязвимости
CVSS3: 3.4
nvd
7 месяцев назад
RLPx 5 has two CTR streams based on the same key, IV, and nonce. This can facilitate decryption on a private network.