CVE-2024-38365
CVE-2024-38365 is a high-severity vulnerability in Btcd Project Btcd with a CVSS 3.x base score of 7.4. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-670.
Key facts
- Severity: High (CVSS 3.x base score 7.4)
- EPSS exploit prediction: 1% (59th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2024-2904
- Weakness: CWE-670
- Affected product: Btcd Project Btcd
- Published:
- Last modified:
Description
btcd is an alternative full node bitcoin implementation written in Go (golang). The btcd Bitcoin client (versions 0.10 to 0.24) did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can lead to btcd clients accepting an invalid Bitcoin block (or rejecting a valid one). This consensus failure can be leveraged to cause a chain split (accepting an invalid Bitcoin block) or be exploited to DoS the btcd nodes (rejecting a valid Bitcoin block). An attacker can create a standard transaction where FindAndDelete doesn't return a match but removeOpCodeByData does making btcd get a different sighash, leading to a chain split. Importantly, this vulnerability can be exploited remotely by any Bitcoin user and does not require any hash power. This is because the difference in behavior can be triggered by a "standard" Bitcoin transaction, that is a transaction which gets relayed through the P2P network before it gets included in a Bitcoin block. `removeOpcodeByData(script []byte, dataToRemove []byte)` removes any data pushes from `script` that contain `dataToRemove`. However, `FindAndDelete` only removes exact matches. So for example, with `script = "<data> <data||foo>"` and `dataToRemove = "data"` btcd will remove both data pushes but Bitcoin Core's `FindAndDelete` only removes the first `<data>` push. This has been patched in btcd version v0.24.2. Users are advised to upgrade. There are no known workarounds for this issue.
Frequently asked questions
- What is CVE-2024-38365?
- btcd is an alternative full node bitcoin implementation written in Go (golang). The btcd Bitcoin client (versions 0.10 to 0.24) did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can lead to btcd clients accepting an invalid Bitcoin block (or rejecting a valid one). This consensus failure can be leveraged to cause a chain split (accepting an invalid Bitcoin block) or be exploited to DoS the btcd nodes (rejecting a valid Bitcoin block). An attacker can create a standard transaction where FindAndDelete doesn't return a match but removeOpCodeByData does making btcd get a different sighash, leading to a chain split. Importantly, this vulnerability can be exploited remotely by any Bitcoin user and does not require any hash power. This is because the difference in behavior can be triggered by a "standard" Bitcoin transaction, that is a transaction which gets relayed through the P2P network before it gets included in a Bitcoin block. `removeOpcodeByData(script []byte, dataToRemove []byte)` removes any data pushes from `script` that contain `dataToRemove`. However, `FindAndDelete` only removes exact matches. So for example, with `script = "<data> <data||foo>"` and `dataToRemove = "data"` btcd will remove both data pushes but Bitcoin Core's `FindAndDelete` only removes the first `<data>` push. This has been patched in btcd version v0.24.2. Users are advised to upgrade. There are no known workarounds for this issue.
- How severe is CVE-2024-38365?
- CVE-2024-38365 has a CVSS 3.x base score of 7.4, rated high severity. It is exploitable over network with high attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity high, and availability high.
- Is CVE-2024-38365 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (59th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2024-38365?
- CVE-2024-38365 affects Btcd Project Btcd. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2024-38365?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- Does CVE-2024-38365 have an EU (EUVD) identifier?
- Yes. CVE-2024-38365 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2024-2904.
- When was CVE-2024-38365 published?
- CVE-2024-38365 was published on 2024-10-11 and last updated on 2026-06-17.
References
- https://delvingbitcoin.org/t/cve-2024-38365-public-disclosure-btcd-findanddelete-bug/1184
- https://github.com/btcsuite/btcd/commit/04469e600e7d4a58881e2e5447d19024e49800f5
- https://github.com/btcsuite/btcd/releases/tag/v0.24.2
- https://github.com/btcsuite/btcd/security/advisories/GHSA-27vh-h6mc-q6g8
Affected products (1)
- cpe:2.3:a:btcd_project:btcd:*:*:*:*:*:*:*:*
More vulnerabilities in Btcd Project Btcd
- CVE-2022-44797 — Critical (CVSS 9.8): btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles…
- CVE-2022-39389 — High (CVSS 8.2): Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. All lnd nodes before…
- CVE-2024-34478 — High (CVSS 7.5): btcd before 0.24.0 does not correctly implement the consensus rules outlined in BIP 68 and BIP 112, making it…
- CVE-2018-17145 — High (CVSS 7.5): Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of…
All CVEs affecting Btcd Project Btcd →
Other CWE-670 vulnerabilities
- CVE-2025-43359 — Critical (CVSS 9.8): A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and…
- CVE-2022-25745 — Critical (CVSS 9.8): Memory corruption in modem due to improper input validation while handling the incoming CoAP message
- CVE-2020-1914 — Critical (CVSS 9.8): A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit…
- CVE-2020-17466 — Critical (CVSS 9.8): Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by visiting manage/control.php and ignoring 302…
- CVE-2019-17192 — Critical (CVSS 9.8): The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing…
- CVE-2026-55276 — Critical (CVSS 9.1): Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty…