The developers of the leading Ethereum client have released a new version of Geth v1.10.8, which fixes a serious vulnerability in the code.
Geth v1.10.8 is out, fixing a security vulnerability in all live versions of Geth. All Geth users need to update.
Further details will be provided at a later date to avoid attacks on #Ethereum and downstream projects.https: //t.co/VQ398K0TA4
– Go Ethereum (@go_ethereum) August 24, 2021
“The exact attack vector will be provided at a later date so that the node operators and dependent projects can be updated,” the message says.
According to the developers, all versions of Geth that support the London hard fork are vulnerable. They encouraged users to install the new version of the client.
According to Ethernodes.org, at the time of writing, 74.5% of nodes are using Geth.
In 2016, a Geth customer was hit by a massive DDoS attack. The best way to solve this problem was to connect the nodes to other software.
In August 2020, a bug in the Parity-Ethereum and OpenEthereum clients led to a synchronization error for 13% of the nodes on the network. At the same time, the head of the Geth team, Peter Siladyi, spoke out against creating a list of critical vulnerabilities – in his opinion, this threatens the Ethereum network and could lead to adverse financial consequences.
Recall that at the end of May 2021, the developer of the Ethereum Foundation, Tim Beiko, spoke about the problem in the EIP-1559 proposal, which could lead to network congestion.
Subscribe to the ForkLog YouTube channel!
Found a mistake in the text? Select it and press CTRL + ENTER