1217678 – (CVE-2023-37192) VUL-0: CVE-2023-37192: bitcoin-core: memory manipulation leading to transaction redirection

Bug 1217678 (CVE-2023-37192) - VUL-0: CVE-2023-37192: bitcoin-core: memory manipulation leading to transaction redirection

Summary: VUL-0: CVE-2023-37192: bitcoin-core: memory manipulation leading to transacti...

Status:	NEW

Alias:	CVE-2023-37192

Product:	openSUSE Distribution
Classification:	openSUSE
Component:	Security (show other bugs)
Version:	Leap 15.6
Hardware:	Other Other

Priority:	P3 - Medium Severity: Major (vote)
Target Milestone:	---
Assignee:	Martin Pluskal
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/371526/
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2023-11-30 04:38 UTC by SMASH SMASH
Modified:	2023-11-30 05:15 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description SMASH SMASH 2023-11-30 04:38:52 UTC

Memory management and protection issues in Bitcoin Core v22 allows attackers to
modify the stored sending address within the app's memory, potentially allowing
them to redirect Bitcoin transactions to wallets of their own choosing.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-37192