Incorrect Synchronization
CVE-2024-58131
Summary
FISCO BCOS 3.11.0 has an issue with synchronization of the transaction pool that can, for example, be observed when a malicious node (that has modified the codebase to allow a large min_seal_time value) joins a blockchain network.
- HIGH
- NETWORK
- NONE
- CHANGED
- NONE
- NONE
- NONE
- LOW
CWE-821 - Incorrect Synchronization
The software utilizes a shared resource in a concurrent manner, but it does not correctly synchronize access to the resource.