CVE-2024-38359 - Vulnerability Details - OpenCVE

ReportizFlow

The Lightning Network Daemon (lnd) - is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic and lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version > v0.17.0 to be protected. Users unable to upgrade may set the `--rejecthtlc` CLI flag and also disable forwarding on channels via the `UpdateChanPolicyCommand`, or disable listening on a public network interface via the `--nolisten` flag as a mitigation.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Lightning Network Daemon Project	Lightning Network Daemon

No data.

No data.

References

Link	Providers
https://delvingbitcoin.org/t/dos-disclosure-lnd-onion-bomb/979
https://github.com/lightningnetwork/lnd/releases/tag/v0.17.0-beta
https://github.com/lightningnetwork/lnd/security/advisories/GHSA-9gxx-58q6-42p7
https://lightning.network
https://morehouse.github.io/lightning/lnd-onion-bomb

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-06-20T22:16:00.428Z

Updated: 2024-08-02T04:04:25.238Z

Reserved: 2024-06-14T14:16:16.465Z

Link: CVE-2024-38359

Vulnrichment

Updated: 2024-06-21T12:34:40.955Z

NVD

Status : Awaiting Analysis

Published: 2024-06-20T23:15:52.700

Modified: 2024-11-21T09:25:26.843

Link: CVE-2024-38359

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-38359", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-14T14:16:16.465Z", "datePublished": "2024-06-20T22:16:00.428Z", "dateUpdated": "2024-08-02T04:04:25.238Z"}, "containers": {"cna": {"title": "Lightning Network Daemon Onion Bomb", "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "lang": "en", "description": "CWE-20: Improper Input Validation", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/lightningnetwork/lnd/security/advisories/GHSA-9gxx-58q6-42p7", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/lightningnetwork/lnd/security/advisories/GHSA-9gxx-58q6-42p7"}, {"name": "https://delvingbitcoin.org/t/dos-disclosure-lnd-onion-bomb/979", "tags": ["x_refsource_MISC"], "url": "https://delvingbitcoin.org/t/dos-disclosure-lnd-onion-bomb/979"}, {"name": "https://github.com/lightningnetwork/lnd/releases/tag/v0.17.0-beta", "tags": ["x_refsource_MISC"], "url": "https://github.com/lightningnetwork/lnd/releases/tag/v0.17.0-beta"}, {"name": "https://lightning.network", "tags": ["x_refsource_MISC"], "url": "https://lightning.network"}, {"name": "https://morehouse.github.io/lightning/lnd-onion-bomb", "tags": ["x_refsource_MISC"], "url": "https://morehouse.github.io/lightning/lnd-onion-bomb"}], "affected": [{"vendor": "lightningnetwork", "product": "lnd", "versions": [{"version": "< 0.17.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-20T22:16:00.428Z"}, "descriptions": [{"lang": "en", "value": "The Lightning Network Daemon (lnd) - is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic and lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version > v0.17.0 to be protected. Users unable to upgrade may set the `--rejecthtlc` CLI flag and also disable forwarding on channels via the `UpdateChanPolicyCommand`, or disable listening on a public network interface via the `--nolisten` flag as a mitigation."}], "source": {"advisory": "GHSA-9gxx-58q6-42p7", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "lightning_network_daemon_project", "product": "lightning_network_daemon", "cpes": ["cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "0.17.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-21T12:33:07.175758Z", "id": "CVE-2024-38359", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-21T12:34:58.656Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:04:25.238Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/lightningnetwork/lnd/security/advisories/GHSA-9gxx-58q6-42p7", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/lightningnetwork/lnd/security/advisories/GHSA-9gxx-58q6-42p7"}, {"name": "https://delvingbitcoin.org/t/dos-disclosure-lnd-onion-bomb/979", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://delvingbitcoin.org/t/dos-disclosure-lnd-onion-bomb/979"}, {"name": "https://github.com/lightningnetwork/lnd/releases/tag/v0.17.0-beta", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/lightningnetwork/lnd/releases/tag/v0.17.0-beta"}, {"name": "https://lightning.network", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://lightning.network"}, {"name": "https://morehouse.github.io/lightning/lnd-onion-bomb", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://morehouse.github.io/lightning/lnd-onion-bomb"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-38359", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-21T12:33:07.175758Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0:*:*:*:*:*:*:*"], "vendor": "lightning_network_daemon_project", "product": "lightning_network_daemon", "versions": [{"status": "affected", "version": "0", "lessThan": "0.17.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-21T12:34:40.955Z"}}], "cna": {"title": "Lightning Network Daemon Onion Bomb", "source": {"advisory": "GHSA-9gxx-58q6-42p7", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "lightningnetwork", "product": "lnd", "versions": [{"status": "affected", "version": "< 0.17.0"}]}], "references": [{"url": "https://github.com/lightningnetwork/lnd/security/advisories/GHSA-9gxx-58q6-42p7", "name": "https://github.com/lightningnetwork/lnd/security/advisories/GHSA-9gxx-58q6-42p7", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://delvingbitcoin.org/t/dos-disclosure-lnd-onion-bomb/979", "name": "https://delvingbitcoin.org/t/dos-disclosure-lnd-onion-bomb/979", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/lightningnetwork/lnd/releases/tag/v0.17.0-beta", "name": "https://github.com/lightningnetwork/lnd/releases/tag/v0.17.0-beta", "tags": ["x_refsource_MISC"]}, {"url": "https://lightning.network", "name": "https://lightning.network", "tags": ["x_refsource_MISC"]}, {"url": "https://morehouse.github.io/lightning/lnd-onion-bomb", "name": "https://morehouse.github.io/lightning/lnd-onion-bomb", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "The Lightning Network Daemon (lnd) - is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic and lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version > v0.17.0 to be protected. Users unable to upgrade may set the `--rejecthtlc` CLI flag and also disable forwarding on channels via the `UpdateChanPolicyCommand`, or disable listening on a public network interface via the `--nolisten` flag as a mitigation."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-06-20T22:16:00.428Z"}}}, "cveMetadata": {"cveId": "CVE-2024-38359", "state": "PUBLISHED", "dateUpdated": "2024-06-21T12:34:58.656Z", "dateReserved": "2024-06-14T14:16:16.465Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-06-20T22:16:00.428Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "The Lightning Network Daemon (lnd) - is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic and lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version > v0.17.0 to be protected. Users unable to upgrade may set the `--rejecthtlc` CLI flag and also disable forwarding on channels via the `UpdateChanPolicyCommand`, or disable listening on a public network interface via the `--nolisten` flag as a mitigation."}, {"lang": "es", "value": "Lightning Network Daemon (lnd): es una implementaci\u00f3n completa de un nodo Lightning Network. Una vulnerabilidad de an\u00e1lisis en la l\u00f3gica de procesamiento de cebolla de lnd y conduce a un vector DoS debido a una asignaci\u00f3n excesiva de memoria. El problema se solucion\u00f3 en lnd v0.17.0. Los usuarios deben actualizar a una versi\u00f3n > v0.17.0 para estar protegidos. Los usuarios que no puedan actualizar pueden configurar el indicador CLI `--rejecthtlc` y tambi\u00e9n deshabilitar el reenv\u00edo de canales a trav\u00e9s de `UpdateChanPolicyCommand`, o desactivar la escucha en una interfaz de red p\u00fablica a trav\u00e9s del indicador `--nolisten` como mitigaci\u00f3n."}], "id": "CVE-2024-38359", "lastModified": "2024-11-21T09:25:26.843", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "[email protected]", "type": "Secondary"}]}, "published": "2024-06-20T23:15:52.700", "references": [{"source": "[email protected]", "url": "https://delvingbitcoin.org/t/dos-disclosure-lnd-onion-bomb/979"}, {"source": "[email protected]", "url": "https://github.com/lightningnetwork/lnd/releases/tag/v0.17.0-beta"}, {"source": "[email protected]", "url": "https://github.com/lightningnetwork/lnd/security/advisories/GHSA-9gxx-58q6-42p7"}, {"source": "[email protected]", "url": "https://lightning.network"}, {"source": "[email protected]", "url": "https://morehouse.github.io/lightning/lnd-onion-bomb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://delvingbitcoin.org/t/dos-disclosure-lnd-onion-bomb/979"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/lightningnetwork/lnd/releases/tag/v0.17.0-beta"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/lightningnetwork/lnd/security/advisories/GHSA-9gxx-58q6-42p7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lightning.network"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://morehouse.github.io/lightning/lnd-onion-bomb"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "[email protected]", "type": "Secondary"}]}