The developers of Geth, the official Go implementation of the Ethereum protocol, released version 1.14.13, codenamed “Schwarzschild,” on Thursday.
This release explicitly addresses a vulnerability that affects the peer-to-peer (p2p) layer of Geth, which could lead to denial of service attacks on nodes running them and potentially impact Layer 2 clients.
Geth is the most widely used execution layer client for Ethereum.
The vulnerability, cataloged as CVE-2025-24883, states that the Geth version “is vulnerable to DoS via malicious p2p messages.” Version 1.14.0 appeared to have accidentally introduced this security issue.
Users running Geth 1.14 (or later till 1.14.13) were urged to update to the latest version to mitigate the risk of node crashes or other disruptions.
“If you are running a version of geth that 1.14 or later, please update to the newest version. Nodes running v1.13.x are not affected,” noted Marius Van Der Wijden, Ethereum developer at the Geth client team.
The fix in v1.14.13 was coordinated with multiple Layer 2 solutions to ensure a broad security update across the ecosystem.
This emergency release was crucial because the bug, first identified by security researchers at Polygon, could potentially allow attackers to crash nodes running vulnerable versions of Geth remotely.
The Geth team clarified that nodes operating on the v1.13.x series were not affected by this particular vulnerability.
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2024 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
