Bitcoin Core 24.0.1 following versions have a high-risk vulnerability affecting 17% of full nodes
On September 20th, Bitcoin Core developers issued a new high-severity warning, claiming that one in every six Bitcoin nodes has a software vulnerability. On Thursday, the staff of the open-source Bitcoin Core project, which is responsible for maintaining software that runs on more than 98% of the reachable full nodes, disclosed a major security issue with software running on 17% of the network's nodes.
Although this vulnerability is quite serious, there are very few known cases of attacks exploiting this vulnerability in the public record. Since the cost of generating and broadcasting a blockchain header to perform Distributed Denial-of-service is quite high, the vulnerability offers little financial benefit to attackers. Initially, they disclosed vulnerabilities for version 20 and below. However, every few weeks, they disclose more software vulnerabilities. Unless Bitcoin node operators update their software, up to 17% of nodes in the network could be at risk from Distributed Denial-of-service.