CVE-2025-24883
HIGHgo-ethereum 1.14.0-1.14.12 - Denial of Service via Crafted Message
Title source: llmDescription
go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.14.13.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://github.com/ethereum/go-ethereum/security/advisories/GHSA-q26p-9cq4-7fc2
Scores
CVSS v4
8.7
EPSS
0.0063
EPSS Percentile
45.5%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-248
Status
published
Products (2)
ethereum/go-ethereum
1.14.0 - 1.14.13Go
ethereum/go-ethereum
>= 1.14.0, < 1.14.13
Published
Jan 30, 2025
Tracked Since
Feb 18, 2026