| module: github.com/ethereum/go-ethereum | |
| package: github.com/ethereum/go-ethereum/les | |
| versions: | |
| - fixed: v1.9.25 | |
| description: | | |
| Due to a nil pointer dereference, a malicously crafted RPC message | |
| can cause a panic. If handling RPC messages from untrusted clients, | |
| this may be used as a denial of service vector. | |
| published: 2021-04-14T12:00:00Z | |
| cve: CVE-2020-26264 | |
| credit: "@zsfelfoldi" | |
| symbols: | |
| - serverHandler.handleMsg | |
| links: | |
| pr: https://github.com/ethereum/go-ethereum/pull/21896 | |
| commit: https://github.com/ethereum/go-ethereum/commit/bddd103a9f0af27ef533f04e06ea429cf76b6d46 |