List Of Bitcoin Vulnerabilities

[Westingcote]

In this forum everyone talks about the positives of Bitcoin but I thought it would be interesting to have a look at the negatives of Bitcoin and look at the vulnerabilities Bitcoin has suffered through Bitcoin clients and other software like Bitcoin Knots and wxBitcoin. I think it is important for newcomers to cryptocurrency to comprehend the dangers and the history of the vulnerabilities and exposures in order to be aware of the different types of risks that could be conceivable in the future. All of the listed vulnerabilities will already have a solution and I think it's important to think about that too. Throughout history of Bitcoin and the software used for access Bitcoin has experienced 44 documented vulnerabilities ranging from severe to harmless but before we look at them I would like to make it clarify that this is not a anti Bitcoin post and Bitcoin isn't only influenced by the weaknesses below.

I have before talked about negatives of Bitcoin and "timejacking"

CVE	Announced	Affects	Severity
__________________	___________	______________________________________________________	___________________
CVE-2010-5137	2010-07-28	wxBitcoin and bitcoind	Netsplit

CVE-2010-5141	2010-07-28	wxBitcoin and bitcoind	DoS
CVE-2010-5138	2010-07-29	wxBitcoin and bitcoind	Theft
CVE-2010-5139	2010-08-15	wxBitcoin and bitcoind	DoS
CVE-2010-5140	2010-09-29	wxBitcoin and bitcoind	Inflation
CVE-2011-4447	2011-11-11	wxBitcoin and bitcoind	DoS
CVE-2012-1909	2012-03-07	Bitcoin protocol and all clients	Exposure
CVE-2012-1910	2012-03-17	bitcoind & Bitcoin-Qt for Windows	Netsplit
BIP 0016	2012-04-01	All Bitcoin clients	Unknown
CVE-2012-2459	2012-05-14	bitcoind and Bitcoin-Qt	Fake Conf
CVE-2012-3789	2012-06-20	bitcoind and Bitcoin-Qt	Netsplit
CVE-2012-4682	-	bitcoind and Bitcoin-Qt	DoS
CVE-2012-4683	2012-08-23	bitcoind and Bitcoin-Qt	DoS
CVE-2012-4684	2012-08-24	bitcoind and Bitcoin-Qt	DoS
CVE-2013-2272	2013-01-11	bitcoind and Bitcoin-Qt	DoS
CVE-2013-2273	2013-01-30	bitcoind and Bitcoin-Qt	DoS
CVE-2013-2292	2013-01-30	bitcoind and Bitcoin-Qt	Exposure
CVE-2013-2293	2013-02-14	bitcoind and Bitcoin-Qt	Exposure
CVE-2013-3219	2013-03-11	bitcoind and Bitcoin-Qt 0.8.0	DoS
CVE-2013-3220	2013-03-11	bitcoind and Bitcoin-Qt	DoS
BIP 0034	2013-03-25	All Bitcoin clients	Fake Conf
BIP 0050	2013-05-15	All Bitcoin clients	Netsplit
CVE-2013-4627	2013-06-??	bitcoind and Bitcoin-Qt	DoS
CVE-2013-4165	2013-07-20	bitcoind and Bitcoin-Qt	Theft
CVE-2013-5700	2013-09-04	bitcoind and Bitcoin-Qt 0.8.x	DoS
CVE-2014-0160	2014-04-07	Anything using OpenSSL for TLS	Unknown
CVE-2015-3641	2014-07-07	bitcoind and Bitcoin-Qt prior to 0.10.2	DoS
BIP 66	2015-02-13	All Bitcoin clients	Fake Conf
BIP 65	2015-11-12	All Bitcoin clients	Fake Conf
BIPs 68, 112 & 113	2016-04-11	All Bitcoin clients	Fake Conf
BIPs 141, 143 & 147	2016-10-27	All Bitcoin clients	Fake Conf
CVE-2016-8889	2016-10-27	Bitcoin Knots GUI 0.11.0 - 0.13.0	Exposure
CVE-2017-9230	-	Bitcoin	?
BIP 148	2017-03-12	All Bitcoin clients	Fake Conf
CVE-2017-12842	2018-06-09	-	-
CVE-2016-10724	2018-07-02	bitcoind and Bitcoin-Qt prior to 0.13.0	DoS
CVE-2016-10725	2018-07-02	bitcoind and Bitcoin-Qt prior to 0.13.0	DoS
CVE-2018-17144	2018-09-17	bitcoind and Bitcoin-Qt prior to 0.16.3	Inflation
CVE-2018-20587	2019-02-08	Bitcoin Knots prior to 0.17.1 & all Bitcoin Core releases	Theft
CVE-2017-18350	2019-06-22	bitcoind and Bitcoin-Qt prior to 0.17.1	Unknown
CVE-2018-20586	2019-06-22	bitcoind and Bitcoin-Qt prior to 0.17.1	Deception
CVE-2019-12998	2019-08-30	c-lightning prior to 0.7.1	Theft
CVE-2019-12999	2019-08-30	lnd prior to 0.7	Theft
CVE-2019-1300	2019-08-30	eclair prior to 0.3	Theft
		44 Vunerabilities
__________________	___________	______________________________________________________	___________________

Source

Table FAQ

1. What does CVE mean?
CVE is abbreviated as Common Vulnerabilities & Exposures which is a method for referencing security vulnerabilities and exposures by including the date of discovery and a ID number to identify what vulnerability or exposure that is being referenced.

2. What does "Announced" mean?
Announced means the date that the CVE was addressed formerly because of the way security works in software it would be a bad idea to make a vulnerability public at the time of discovery because it might have severe consequences to the software and its users and could cause a lot of damage. In the security world it is normal for a person to report a bug privately so that the developers can patch the vulnerability and then come out with an announcement that a bug was present and has now been patched.

3. What do the different terms mean under severity?

DoS
Denial of service which is an attack to prevent a service from being accessed as normal.

NetSplit
An attacker can create a new network which is independent from the Bitcoin network and can allow double spending.

Theft
Attacker would be able to take coins without being confined to the normal Bitcoin network rules.

Fake Conf
An attacker can make double spend transactions.

Exposure
User data can be stolen by an attacker.

Inflation
Attacker can create Bitcoins and insert them into the network which would allow the attacker to create more coins than the 21 million hard limit imposed by the normal network rules.

CVE-2010-5137

This vulnerability allowed remote attackers to cause a denial of service attack (DoS) by crashing the Bitcoin daemon service via a transaction containing an OP_LSHIFT script opcode. This affected all versions of bitcoind
wxBitcoin up to 0.3.4. The vulnerability was fixed in version 0.3.5 and all remaining unused script words were disabled as a precaution.

CVE-2010-5141
This vulnerability allowed a remote attacker to spend coins on the network that they did not own by using unspecified vectors. This vulnerability was tested on the test network of Bitcoin and did not occur on the main chain. The bug affected bitcoind wxBitcoin  up to 0.3.4 and was fixed in version 0.3.5.



CVE-2010-5138

A block was discovered to have a lot of OP_CHECKSIG commands attached to transactions which caused extra strain on the network because the Bitcoin nodes had to do extra work to verify each command. The issue was fixed in version 0.3.x which prevented attaching multiple OP_CHECKSIG commands being attached to transactions and from then on only allowed one to be attached.

CVE-2010-5139

This vulnerability was to be known as the "value overflow incident" which is the infamous event where an attacker created 184,467,440,737.09551616 Bitcoins on the main network. Within 5 hours of discovering that this had happened a new client was released to fix the issue by rejecting transactions with value overflow and to correct the coins being injected into the main chain the main Bitcoin chain had to be forked.

[Westingcote]

I am researching the vulnerabilities and will be including a explanation of how it happens if anyone can provide explanations in this topic that would be great

hopefully this is useful to anyone researching about Bitcoin

[hd49728]

Now, after the halving, after price rose some fold from the bottom in March, it is time to discuss about Bitcoin's vulnerabilities? Is it the right time to do so? 

[bob123]

Over the years Bitcoin has suffered 44 documented vulnerabilities [...]

All (except one) of those mentioned vulnerabilities are vulnerabilities of a software used, not the bitcoin protocol.

That's like saying:
There are X email vulnerabilities... and then only mentioning vulnerabilities from specific email clients.
or..
There are X internet vulnerabilities.. and then mentioning vulnerabilities from random internet services.

The protocol had vulnerabilities in the early phase, i am not denying that.
But those vulnerabilities you mentioned are completely irrelevant in the context of "bitcoin vulnerabilities". They have nothing to do with the protocol itself, but with bitcoin related software.

[BrewMaster]

the topic title is a bit misleading since these are not list of vulnerabilities, but these are list of historical bugs found in bitcoin clients and are already fixed.
not to mention some may not be categorized as "vulnerability" in my opinion and some don't even concern bitcoin like the lightning network related ones listed here.

[JeromeTash]

the topic title is a bit misleading since these are not list of vulnerabilities, but these are list of historical bugs found in bitcoin clients and are already fixed.
not to mention some may not be categorized as "vulnerability" in my opinion and some don't even concern bitcoin like the lightning network related ones listed here.

How i don't like folks come here with their clickbait  titles yet the content is totally different. They think that when they pop up here to talk about "Bitcoin Vulnerabilities"  People will play attention to them 

[khaled0111]

There is no such thing as bug-free code and bitcoin is not an exception. Probably, there are more but haven't been discovered yet.

Did anyone manage to steal someone else's coins by successfully exploiting a vulnerability in the bitcoin's protocol! Correct me if am wrong but am not aware of any similar incident.

[Yaunfitda]

You don't need to research it, everything is well-written, with links from those CVE's here.

https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures

[hatshepsut93]

Just because there are vulnerabilities, doesn't mean something is horribly broken. I think it's actually optimistic that Bitcoin has so little vulnerabilities, compared to other systems like server software or OS's that have thousands of vulnerabilities, yet they are still used daily be everyone. Bitcoin's problems like volatility or slow adoption are far bigger concerns than programming mistakes, and those things don't get communicated to newbies much.

[TravelMug]

No offense to the OP, but do you honestly think that newcomers are interested on those so called vulnerabilities? Most of them are asking about wallets, and wallet securities and when Lambo? when Moon?  

I don't think they will care much about this subject matter.

You don't need to research it, everything is well-written, with links from those CVE's here.

https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures

There you go, they are all well documented in that link.

[Velkro]

Over the years Bitcoin has suffered 44 documented vulnerabilities ranging from severe to harmless but before we take a look at them I

Thats nice summary.
On top of that it shows how much work devs doing, which is invisible to 95% of Bitcoin users i bet or even more.
Most active devs will have their name written in history books, its that important.

[Westingcote]

I am working on a explanation for some of these vulnerabilities but trying to put it into a easy to understand way. I am struggling with some of the explanations which I have opened some topics about if you would like to help with the explanations.

No offense to the OP, but do you honestly think that newcomers are interested on those so called vulnerabilities? Most of them are asking about wallets, and wallet securities and when Lambo? when Moon? 

I don't think they will care much about this subject matter.

There you go, they are all well documented in that link.

I hope so they should be aware of the different vulnerabilities and understand that Bitcoin or the software they use for their Bitcoin is not bulletproof.