{"id":27683,"date":"2026-05-06T08:54:08","date_gmt":"2026-05-06T08:54:08","guid":{"rendered":"https:\/\/bitunikey.com\/news\/bitcoin-core-discloses-bug-that-could-let-miners-crash-nodes\/"},"modified":"2026-05-06T08:54:23","modified_gmt":"2026-05-06T08:54:23","slug":"bitcoin-core-discloses-bug-that-could-let-miners-crash-nodes","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/bitcoin-core-discloses-bug-that-could-let-miners-crash-nodes\/","title":{"rendered":"Bitcoin Core discloses bug that could let miners crash nodes"},"content":{"rendered":"<p><\/p>\n<div class=\"post-detail__content blocks\">\n<p><strong>Bitcoin Core developers disclosed a high-severity bug that could allow miners to remotely crash some Bitcoin nodes.\u00a0<\/strong><\/p>\n<div id=\"cn-block-summary-block_241a08f6dcd56e2af4c90ab19f7daf7d\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>Bitcoin Core disclosed CVE-2024-52911, affecting versions before 29.0, with older nodes still exposed online.<\/li>\n<li>Miners needed costly proof-of-work blocks to trigger crashes, making real-world abuse historically unlikely for attackers.<\/li>\n<li>Cory Fields privately reported the bug in 2024, before Bitcoin Core 29.0 shipped patched software.<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>The issue, tracked as CVE-2024-52911, affected Bitcoin Core versions after 0.14.0 and before 29.0. The bug was fixed in Bitcoin Core 29.0, which was released in April 2025.\u00a0<\/p>\n<p>Bitcoin Core made the <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/bitcoincore.org\/en\/2026\/05\/05\/disclose-cve-2024-52911\/\" target=\"_blank\" rel=\"nofollow\">issue<\/a> public on May 5, 2026, after the final vulnerable 28.x release line reached end of life on April 19.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<h2 class=\"wp-block-heading\"><strong>Bug affected block validation<\/strong><\/h2>\n<p>The issue involved Bitcoin Core\u2019s script interpreter during block validation. Bitcoin Core said a specially crafted block could cause a node to access memory after that data had already been freed.<\/p>\n<p>During validation, Bitcoin Core pre-calculates transaction input data and sends script checks to background threads. In some cases, an invalid block could destroy cached data while another thread still tried to read it.<\/p>\n<p>Bitcoin Core said this could allow an attacker with enough proof-of-work to crash victim nodes. It also said \u201cit is possible\u201d the crash could support remote code execution, though limits on block data made that outcome \u201cunlikely.\u201d<\/p>\n<h2 class=\"wp-block-heading\"><strong>Attack required costly mining<\/strong><\/h2>\n<p>The attack was not simple to carry out. A miner would need to produce a specially crafted block with enough proof-of-work to reach the chain tip.<\/p>\n<p>That made the attack costly because such a block would be invalid. It could not earn a normal block reward, leaving the attacker to spend hashpower without collecting the usual mining payout.<\/p>\n<p>Bitcoin Core did not say the bug had been used in real attacks. The advisory focused on the flaw, the fix, and the disclosure timeline.<\/p>\n<p>The bug did not change Bitcoin\u2019s consensus rules. It was tied to memory handling in Bitcoin Core software, not the rules that define valid Bitcoin transactions or blocks.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Cory Fields reported the flaw<\/strong><\/h2>\n<p>Cory Fields of the MIT Digital Currency Initiative privately reported the bug on Nov. 2, 2024. Bitcoin Core said the report included a proof of concept and a proposed way to reduce the risk.<\/p>\n<p>Pieter Wuille pushed a covert fix four days later through PR 31112. The pull request was merged on Dec. 3, 2024, before Bitcoin Core 29.0 shipped with the fix in April 2025.<\/p>\n<p>The advisory followed Bitcoin Core\u2019s disclosure policy for high-severity bugs. Its policy says high-severity issues are disclosed after the last affected release goes end of life.<\/p>\n<p>In addition, node operators using Bitcoin Core versions before 29.0 still face the old bug. Bitcoin Core does not auto-update, so users must install newer versions manually.<\/p>\n<p>A past report on blockchain decentralization risks cited research that 21% of Bitcoin nodes ran outdated Bitcoin Core software in June 2021. That context shows why older client versions can remain a security concern long after fixes ship.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Bitcoin Core developers disclosed a high-severity bug that could allow miners to remotely crash some Bitcoin nodes.\u00a0 Summary Bitcoin Core disclosed CVE-2024-52911, affecting versions before 29.0, with older nodes still&hellip;<\/p>\n","protected":false},"author":1,"featured_media":27684,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-27683","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/27683","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=27683"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/27683\/revisions"}],"predecessor-version":[{"id":27685,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/27683\/revisions\/27685"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/27684"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=27683"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=27683"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=27683"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}