CVE-2021-41593

8.6 HIGH

📋 TL;DR

This vulnerability in Lightning Network Daemon (lnd) allows attackers to exploit dust HTLCs (Hashed Time-Locked Contracts) to force channel closures and potentially steal funds. It affects all lnd users running vulnerable versions, particularly those with open payment channels. The issue stems from insufficient validation of small-value HTLCs.

💻 Affected Systems

Products:
  • Lightning Labs lnd
Versions: All versions before 0.13.3-beta
Operating Systems: All platforms running lnd
Default Config Vulnerable: ⚠️ Yes
Notes: All lnd nodes with open payment channels are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete loss of funds in affected Lightning channels through forced channel closures and theft of channel balances.

🟠 Likely Case

Partial fund loss through griefing attacks where attackers force unnecessary channel closures, incurring on-chain fees and disrupting payment routing.

🟢 If Mitigated

Minimal impact with proper monitoring and updated software, though some disruption may occur during attacks.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires understanding of Lightning Network protocols but no authentication to target nodes.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.13.3-beta and later

Vendor Advisory: https://github.com/lightningnetwork/lnd/blob/master/docs/release-notes/release-notes-0.13.3.md

Restart Required: Yes

Instructions:

1. Stop the lnd service.
2. Back up channel state and wallet.
3. Upgrade to v0.13.3-beta or later.
4. Restart the lnd service.
5. Monitor for successful operation.

🔧 Temporary Workarounds

Close vulnerable channels

Platforms: all

Force close all payment channels to prevent exploitation, though this incurs on-chain fees and disrupts operations.

lncli closeallchannels --force

🧯 If You Can't Patch

  • Monitor channel activity closely for unusual dust HTLC patterns and force close suspicious channels immediately.
  • Reduce channel sizes and limit total channel capacity to minimize potential loss.

🔍 How to Verify

Check if Vulnerable:

Check the lnd version with 'lncli getinfo' or 'lnd --version'. If the version is below 0.13.3-beta, the system is vulnerable.

Check Version:

lncli getinfo | grep version || lnd --version

Verify Fix Applied:

After upgrade, confirm version is 0.13.3-beta or higher and monitor for normal channel operation without forced closures.
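
The version comparison described above can be scripted so that it is numeric rather than a string match (a plain text comparison would sort 0.9.x above 0.13.x). This is an added example, not code from lnd or the advisory. The function names are hypothetical, the output shapes in the samples are assumed, and release candidates of the fixed version are conservatively treated as unpatched.

```sh
#!/bin/sh
# Added example, not from lnd or the advisory. Function names are hypothetical.
FIXED="0.13.3"   # first fixed release per this page (0.13.3-beta)

# Pull the first MAJOR.MINOR.PATCH[-suffix] token out of a line of output.
# Assumption: the version appears in that shape in both commands' output.
extract_version() {
    printf '%s\n' "$1" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+(-[A-Za-z0-9.]+)?' | head -n 1
}

# Prints "vulnerable", "patched", or "unknown" (no version found).
classify_lnd_version() {
    ver=$(extract_version "$1") || true
    if [ -z "$ver" ]; then echo "unknown"; return 0; fi
    core=${ver%%-*}          # e.g. 0.13.3
    suffix=${ver#"$core"}    # e.g. -beta.rc2 (may be empty)
    # Split both versions into fields: $1-$3 installed, $4-$6 fixed.
    set -- $(printf '%s.%s' "$core" "$FIXED" | tr '.' ' ')
    for pair in "$1:$4" "$2:$5" "$3:$6"; do
        have=${pair%%:*}; want=${pair##*:}
        # Numeric comparison, so 0.9.x sorts below 0.13.x.
        if [ "$have" -lt "$want" ]; then echo "vulnerable"; return 0; fi
        if [ "$have" -gt "$want" ]; then echo "patched"; return 0; fi
    done
    # Same numbers as the fix: treat a release candidate as pre-fix
    # (conservative assumption), anything else as patched.
    case "$suffix" in
        *rc*) echo "vulnerable" ;;
        *)    echo "patched" ;;
    esac
}

# Constructed sample lines, not captured from a real node.
for sample in \
    '"version": "0.13.1-beta commit=v0.13.1-beta",' \
    'lnd version 0.13.3-beta.rc2 commit=v0.13.3-beta.rc2' \
    'lnd version 0.13.3-beta commit=v0.13.3-beta'; do
    printf '%s => %s\n' "$sample" "$(classify_lnd_version "$sample")"
done
```

On a node, pass the function the output of the version command shown above instead of the sample lines.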

📡 Detection & Monitoring

Log Indicators:

  • Unexpected channel force closures
  • Multiple dust HTLC failures
  • Channel balance discrepancies

Network Indicators:

  • Unusual pattern of small-value HTLCs across channels
  • Increased on-chain transaction volume from channel closures

SIEM Query:

lnd_logs: "force close" OR "dust HTLC" OR "channel closure"
