QwikSec

Security Database

CVE

CWE

Training

CVE-2019-15947

Published: Sep 5, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500" command.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gist.github.com/oxagast/50a121b2df32186e0c48411859d5861b

x_refsource_MISC

https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2019-15947

x_refsource_MISC

https://github.com/bitcoin/bitcoin/issues/16824

x_refsource_MISC

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.