5.9

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-29177

GHSA ID

GHSA-wjxw-gh3m-7pm5

EPSS Score

0.54244%

CWE

CWE-400

Published

5/24/2022

Updated

1/27/2023

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-29177

CVE-2022-29177: DoS via malicious p2p message in Go Ethereum

Impact

A vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node.

Patches

The following PR addresses the problem: https://github.com/ethereum/go-ethereum/pull/24507

Workarounds

Aside from applying the PR linked above, setting loglevel to default level (INFO) makes the node not vulnerable to this attack.

Credits

This bug was reported by nrv via bounty@ethereum.org, who has gracefully requested that the bounty rewards be donated to Médecins sans frontières.

For more information

If you have any questions or comments about this advisory:

Open an issue in go-ethereum

(GitHub Advisory)

5.9

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-29177

GHSA ID

GHSA-wjxw-gh3m-7pm5

EPSS Score

0.54244%

CWE

CWE-400

Published

5/24/2022

Updated

1/27/2023

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/ethereum/go-ethereum	go	< 1.10.17	1.10.17

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability manifests in p2p message handling with high verbosity logging. Key functions were identified through: 1) Protocol entry points (handler.handleMsg) where messages are processed 2) Network layer message loops (Peer.run) that receive raw data. Both locations would log message contents at DEBUG/TRACE levels. The patch likely added message size validation() before logging. Confidence is medium as analysis is based on vulnerability patterns rather than explicit patch diffs.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t * vuln*r**l* no**, i* *on*i*ur** to us* *i** v*r*osity lo**in*, **n ** m*** to *r*s* w**n **n*lin* sp**i*lly *r**t** p*p m*ss***s s*nt *rom *n *tt**k*r no**. ### P*t***s T** *ollowin* PR ***r*ss*s t** pro*l*m: *ttps://*it*u*.*om/*t**r*

Reasoning

T** vuln*r**ility m*ni**sts in p*p m*ss*** **n*lin* wit* *i** v*r*osity lo**in*. K*y *un*tions w*r* i**nti*i** t*rou**: *) Proto*ol *ntry points (`**n*l*r.**n*l*Ms*`) w**r* m*ss***s *r* pro**ss** *) N*twork l*y*r m*ss*** loops (`P**r.run`) t**t r***i

5.9

Basic Information

Concerned about an active attack path?

CVE-2022-29177: DoS via malicious p2p message in Go Ethereum

Impact

Patches

Workarounds

Credits

For more information

5.9

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI