delvingbitcoin
CVE-2024-38365 public disclosure (btcd `FindAndDelete` bug)
Posted on: October 10, 2024 09:02 UTC
Niklas Gögge and Antoine Poinsot, from Brink and Wizardsardine respectively, uncovered a significant flaw in the Btcd software versions prior to 0.24.2.
They found that these versions did not adhere to the legacy signature verification consensus rules as established by Bitcoin Core. Specifically, the issue lies in how the script interpreter of a Bitcoin node reconstructs the signed message for transaction input verification. The original method, detailed on this wiki page, involves removing any instance of the signature being verified from the executed Script, a process referred to as FindAndDelete
. However, Btcd’s implementation, removeOpcodeByData
, deviated by removing any data push containing the signature rather than exact matches only. This discrepancy could potentially allow an attacker to create a Script that would be considered valid by Bitcoin Core but invalid by affected Btcd nodes, thus enabling the forking of vulnerable nodes with minimal effort.
This vulnerability was traced back to a 2014 commit made in response to a new Bitcoin Core unit test that highlighted the original implementation's incompatibility with consensus rules. Recognizing the severity of this oversight, Niklas and Antoine reported their findings to Olaoluwa Osuntokun, leading to further discussions and the eventual resolution of the issue. Their proactive engagement and thorough investigation were acknowledged through a bug bounty awarded by the Btcd maintainers.
The timeline of events showcases a diligent and coordinated effort to address the vulnerability, starting with the initial discovery and communication of the flaw in March 2024, followed by the reservation of CVE identifiers (CVE-2024-36051 by Antoine and CVE-2024-38365 by Laolu). A covert fix was subsequently introduced and merged through PR 2178, culminating in the release of version 0.24.2, which contained the necessary corrections. The responsible disclosure on September 20, 2024, marked the final step in ensuring the community was informed and protected against potential exploits stemming from this issue.