Bug 1217678 (CVE-2023-37192)

Summary: VUL-0: CVE-2023-37192: bitcoin-core: memory manipulation leading to transaction redirection
Product: [openSUSE] openSUSE Distribution Reporter: SMASH SMASH <smash_bz>
Component: SecurityAssignee: Martin Pluskal <mpluskal>
Status: NEW --- QA Contact: Security Team bot <security-team>
Severity: Major    
Priority: P3 - Medium CC: stoyan.manolov
Version: Leap 15.6   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/371526/
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2023-11-30 04:38:52 UTC 
Memory management and protection issues in Bitcoin Core v22 allows attackers to
modify the stored sending address within the app's memory, potentially allowing
them to redirect Bitcoin transactions to wallets of their own choosing.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37192