A bug with the code CVE-2024-35202, found in Bitcoin Core versions before 25.0, allows attackers to remotely crash nodes that process transaction data. The issue is related to shortened transaction identifiers, which can cause a conflict, leading to a system failure.
Although Bitcoin Core 25.0 was released in May 2023, fixing this bug, a significant number of nodes are still using older versions, remaining vulnerable to attacks. The developers insist on an urgent software update to version 28.0 to secure the network.
While this vulnerability does not allow attackers to double-spend bitcoins, the fact that nodes can be taken down poses a serious threat to the network. This problem may be of particular interest to large corporations or government agencies that may want to destabilize the Bitcoin network.
Similar vulnerabilities in Bitcoin Core have been identified before. One of the main problems remains the lack of automatic software updates. Node operators are forced to monitor new versions and install updates manually. This creates additional risks for the stability of the network, because in the event of a mass refusal to update, a significant part of the infrastructure may be at risk.
Thus, timely updating of nodes remains an important element of protecting the Bitcoin network. Without regular updates, the cryptocurrency ecosystem may face serious challenges in the future.