
GHSA-xc79-566c-j4qx: Parallax is vulnerable to DoS via malicious p2p message

CVSS Score (v3.1): 7.5

Basic Information

CVE ID: -
EPSS Score: -
Published: 10/10/2025
Updated: 10/10/2025
KEV Status: No
Technology: Go

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package Name: github.com/microstack-tech/parallax
Ecosystem: Go
Vulnerable Versions: < 0.1.4
First Patched Version: 0.1.4

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability is a Denial of Service (DoS) in the Parallax Ethereum client, caused by an integer underflow when processing a GetBlockHeadersRequest p2p message. An attacker can send a request with a count of 0. The code then calculates count - 1 on an unsigned 64-bit integer, which underflows to UINT64_MAX.

This extremely large value is passed down to the rawdb.ReadHeaderRange function. The analysis of the patch f759e9090aaf00a43c616d7cbd133c44bb1ed01e shows that this function was responsible for allocating memory to retrieve block headers. Before the patch, the amount of memory to allocate was calculated based on the count parameter (max := count * 700). When count is UINT64_MAX, this results in an attempt to allocate an extremely large amount of memory, leading to the DoS.

The vulnerable function rawdb.ReadHeaderRange is where the memory exhaustion occurs. During an exploit, this function would appear in a runtime profile with high memory usage. The patch mitigates the vulnerability by replacing the dangerous calculation with a hardcoded 2MB limit for the memory allocation, effectively capping the resource consumption and preventing the DoS attack.

Vulnerable functions

Function: rawdb.ReadHeaderRange
File: core/rawdb/accessors_chain.go
The function `ReadHeaderRange` is vulnerable to a denial-of-service attack. An integer underflow in a higher-level function can cause a very large value (UINT64_MAX) to be passed as the `count` parameter. This large `count` is then used to calculate the `max` amount of memory to allocate for reading block headers from ancient storage (`max := count * 700`). This can lead to excessive memory consumption, causing the node to crash. The patch mitigates this by replacing the dynamic calculation with a fixed 2MB cap.
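The underflow and the allocation sizing described above, reproduced as an added Go example (not code from the Parallax project): `count - 1` wraps for a zero count, `count * 700` then turns that wrapped value into an enormous budget, and the hardened variants reject a zero count and cap the budget at a fixed 2 MB as the advisory says the patch does. The function and constant names are illustrative, and the capped version keeps the per-header estimate below the cap as a simplification.

```go
package main

import (
	"errors"
	"fmt"
	"math"
)

// Illustrative cap matching the advisory's description of the patch: a fixed
// 2 MB budget for header reads, independent of the peer-supplied count.
const maxHeaderBytes = 2 * 1024 * 1024

// unsafeLastIndex reproduces the underflow: count-1 on uint64 0 wraps to
// math.MaxUint64 instead of failing.
func unsafeLastIndex(count uint64) uint64 { return count - 1 }

// unsafeReadBudget mirrors the pre-patch sizing (max := count * 700); with a
// wrapped count the requested allocation is just under 2^64 bytes.
func unsafeReadBudget(count uint64) uint64 { return count * 700 }

var errBadCount = errors.New("GetBlockHeaders: count must be >= 1")

// safeLastIndex validates the peer-supplied count before subtracting, so the
// wrap can never happen.
func safeLastIndex(count uint64) (uint64, error) {
	if count == 0 {
		return 0, errBadCount
	}
	return count - 1, nil
}

// safeReadBudget bounds the allocation by the fixed cap. The comparison is
// done against cap/700 so that count*700 itself cannot overflow.
func safeReadBudget(count uint64) uint64 {
	if count > maxHeaderBytes/700 {
		return maxHeaderBytes
	}
	return count * 700
}

func main() {
	var count uint64 = 0 // constructed hostile request value
	idx := unsafeLastIndex(count)
	fmt.Println("unchecked last index:", idx, "budget:", unsafeReadBudget(idx))
	if _, err := safeLastIndex(count); err != nil {
		fmt.Println("checked:", err)
	}
	fmt.Println("capped budget for MaxUint64:", safeReadBudget(math.MaxUint64))
}
```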
