CVE-2022-35913

Published: Sep 6, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

Samourai Wallet Stonewallx2 0.99.98e allows a denial of service via a P2P coinjoin. The attacker and victim must follow each other's paynym. Then, the victim must try to collaborate with the attacker for a Stonewallx2 transaction. Next, the attacker broadcasts a tx, spending the inputs used in Stonewallx2 before the victim can broadcast the collaborative transaction. The attacker does not signal opt in RBF, and uses the lowest fee rate. This would result in the victim being unable to perform Stonewallx2. (Note that the attacker could use multiple paynyms.)

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-June/020595.html

x_refsource_MISC

https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-July/020737.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-35913

Description

Affected Products

References