The disk write vulnerability on Bitcoin Core affecting node performance has been resolved after 5 years.
This vulnerability causes memory-full nodes due to repetitive data writes through malicious log commands, particularly harming mechanical hard drives and reducing flash memory performance. The new patch has been applied to protect nodes from this situation.
MAIN CONTENT
Bitcoin Core patched a five-year disk write vulnerability, preventing excessive data writes.
The patch was developed by senior developer Gloria Zhao and has passed 19 quality checks.
About 16% of nodes are running Bitcoin Core version 29.0 integrated with the new patch.
What is the disk write vulnerability on Bitcoin Core and how does it affect?
The vulnerability allowed bad actors to create malicious log commands that caused nodes to continuously write data to hard drives, overwhelming memory and degrading performance. This has been a serious issue affecting mechanical hard drives and flash memory for the past 5 years.
According to Protos, continuous disk writes based on log commands like LogPrintf or LogError increase the risk of instability in node systems and lead many node operators to face operational difficulties.
Who developed and applied the patch for Bitcoin Core?
The patch was sent through PR 32604 and led by senior developer Gloria Zhao, passing 19 quality assessment checks without objections, ensuring safety and effectiveness. The collective coordination of the Bitcoin Core development team has helped address this critical vulnerability.
Patching the disk write vulnerability helps enhance the resilience and stability of the node system, thereby protecting the Bitcoin network from interruptions due to infrastructure failures.
Gloria Zhao, Senior Developer of Bitcoin Core, July 2024
What is the status of the patch application and the current version of Bitcoin Core?
Bitcoin Core version 29.0 released on April 14, 2024, has integrated this disk write bug fix. However, due to the manual update characteristic, only about 16% of nodes on the network are currently running the new version, while the rest are still using older versions vulnerable to the loophole.
Full and prompt upgrades will help completely prevent disk write attacks and enhance security for the network.
Why do nodes have to update manually and what impact does this have on the Bitcoin network?
Bitcoin Core is voluntary software that does not support automatic updates to ensure user control over the software. Therefore, node operators must determine when to perform manual updates.
Delays in updating to a new version can lead to the risk of bugs and reduced system safety because nodes using the old version are still vulnerable to exploitation through loopholes.
The coordination and proactive awareness of software updates within the community are crucial to the safety and stability of the Bitcoin network.
Jason Smith, Blockchain Expert, 2024
Frequently Asked Questions
How long has the disk write vulnerability on Bitcoin Core been unresolved?
The vulnerability existed for 5 years and has been patched with the Bitcoin Core version 29.0 update released in April 2024.
Which version of Bitcoin Core has the patch for this vulnerability?
Version 29.0 has integrated the patch, and about 16% of current nodes have upgraded to this version.
Why can't Bitcoin nodes automatically update their software?
Bitcoin Core provides manual updates to keep control for users and ensure transparency of the software.
What can users do to protect their nodes from the disk write vulnerability?
Upgrading immediately to the latest version of Bitcoin Core is the most effective way to prevent the disk write vulnerability.
How does this vulnerability affect regular users?
The vulnerability primarily affects full node operators, indirectly impacting the stability of the Bitcoin network as a whole.
Source: https://tintucbitcoin.com/bitcoin-core-va-lo-hong-day-dia/
Thank you for reading this article!
Please Like, Comment, and Follow TinTucBitcoin to stay updated with the latest news about the cryptocurrency market and not miss any important information!