CVE-2024-32972

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-32972

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-32972.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-32972

Aliases

Published

2024-05-06T14:26:19.510Z

Modified

2025-11-15T19:02:24.555849Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

go-ethereum denial of service via malicious p2p message

Details

go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version 1.13.15 and onwards.

Database specific

{
    "cwe_ids": [
        "CWE-400"
    ]
}

References

Affected packages

Git / github.com/ethereum/go-ethereum

Affected ranges

Type

GIT

Repo

https://github.com/ethereum/go-ethereum

Events

Introduced

Fixed

c5ba367eb6232e3eddd7d6226bfd374449c63164

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.13.15"
        }
    ]
}

Affected versions

0.*

0.2.2

0.3.0

0.3.1

0.5.13

0.5.14

0.5.15

0.5.16

0.5.17

0.5.18

0.5.19

0.9.16

0.9.23

Other

PoC6

poc1

poc5-rc1

poc5-rc10

poc5-rc11

poc5-rc12

poc5-rc2

poc5-rc3

poc5-rc4

poc5-rc6

poc5-rc7

poc5-rc8

poc5-rc9

v0.*

v0.6.0

v0.6.3

v0.6.4

v0.6.5

v0.6.5-1

v0.6.5-2

v0.6.6

v0.6.7

v0.6.8

v0.7.10

v0.7.10-broken

v0.7.11

v0.8.4

v0.8.4-1

v0.8.5

v0.8.5-2

v0.9.17

v0.9.18

v0.9.20

v0.9.21

v0.9.21.1

v0.9.22

v0.9.23

v0.9.24

v0.9.25

v0.9.26

v0.9.28

v0.9.30

v0.9.32

v0.9.34

v0.9.34-1

v0.9.36

v0.9.38

v0.9.39

v1.*

v1.0.1

v1.10.0

v1.10.1

v1.10.10

v1.10.11

v1.10.12

v1.10.13

v1.10.14

v1.10.15

v1.10.16

v1.10.17

v1.10.18

v1.10.19

v1.10.2

v1.10.20

v1.10.21

v1.10.22

v1.10.23

v1.10.3

v1.10.4

v1.10.5

v1.10.6

v1.10.7

v1.10.8

v1.10.9

v1.11.0

v1.11.1

v1.11.2

v1.11.3

v1.11.4

v1.11.5

v1.11.6

v1.12.0

v1.12.1

v1.13.0

v1.13.1

v1.13.10

v1.13.11

v1.13.12

v1.13.13

v1.13.14

v1.13.2

v1.13.3

v1.13.4

v1.13.5

v1.13.6

v1.13.7

v1.13.8

v1.13.9

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.5.4

v1.5.5

v1.5.6

v1.5.7

v1.5.8

v1.5.9

v1.6.0

v1.6.1

v1.6.2

v1.6.3

v1.6.4

v1.6.5

v1.6.6

v1.6.7

v1.7.0

v1.7.1

v1.7.2

v1.7.3

v1.8.0

v1.8.1

v1.8.10

v1.8.11

v1.8.12

v1.8.13

v1.8.14

v1.8.15

v1.8.16

v1.8.17

v1.8.18

v1.8.19

v1.8.2

v1.8.20

v1.8.21

v1.8.3

v1.8.4

v1.8.5

v1.8.6

v1.8.7

v1.8.8

v1.8.9

v1.9.0

v1.9.1

v1.9.10

v1.9.11

v1.9.12

v1.9.13

v1.9.14

v1.9.15

v1.9.16

v1.9.17

v1.9.18

v1.9.19

v1.9.2

v1.9.20

v1.9.21

v1.9.22

v1.9.23

v1.9.24

v1.9.25

v1.9.3

v1.9.4

v1.9.5

v1.9.6

v1.9.7

v1.9.8

v1.9.9