CVE-2025-47270
📋 TL;DR
This vulnerability allows attackers to cause Denial of Service (DoS) by sending specially crafted Discovery messages that trigger excessive memory allocation up to 4GB, potentially crashing Nimiq nodes. It affects all systems running vulnerable versions of nimiq/core-rs-albatross. Since Discovery messages are regularly exchanged for peer discovery, this can be exploited repeatedly to maintain disruption.
💻 Affected Systems
- nimiq/core-rs-albatross
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete node crash and service disruption due to memory exhaustion, potentially affecting network stability if multiple nodes are targeted.
Likely Case
Individual node crashes requiring restart, leading to temporary service unavailability and potential loss of consensus participation.
If Mitigated
Minimal impact with proper message size limits preventing excessive memory allocation.
🎯 Exploit Status
Exploitation requires sending specially crafted Discovery messages with large length values, which is straightforward for attackers familiar with the protocol.
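An added example, not code from nimiq/core-rs-albatross, showing the defensive check that "proper message size limits" refers to: the length a peer declares is validated before any allocation happens. It assumes a 4-byte big-endian length prefix (a u32, which is what makes a request of up to 4GB possible) and a hypothetical 1 MiB cap chosen to match the page's "over 1MB" network indicator.

```rust
/// Largest payload a Discovery-style message may declare. Assumed value for this
/// example (it matches the page's "over 1MB" indicator), not a project constant.
pub const MAX_DISCOVERY_PAYLOAD: usize = 1024 * 1024;
#[derive(Debug, PartialEq, Eq)]
pub enum ParseError {
    Truncated,                                          // fewer than 4 bytes: no prefix to read
    LengthExceedsLimit { declared: u32, limit: usize }, // prefix exceeds cap; rejected pre-allocation
    ShortPayload { declared: u32, available: usize },   // prefix promises more than the frame carries
}

/// Read the assumed 4-byte big-endian length prefix. Allocates nothing, so it is
/// safe to call on hostile input just to log what a sender is asking for.
pub fn declared_length(buf: &[u8]) -> Result<u32, ParseError> {
    if buf.len() < 4 {
        return Err(ParseError::Truncated);
    }
    Ok(u32::from_be_bytes([buf[0], buf[1], buf[2], buf[3]]))
}

/// Hardened decoder: the untrusted length is checked against the cap and against the
/// bytes actually present before `Vec::with_capacity` is reached. The unsafe pattern
/// behind this bug class is calling `with_capacity(declared)` first and checking later.
pub fn decode_bounded(buf: &[u8]) -> Result<Vec<u8>, ParseError> {
    let declared = declared_length(buf)?;
    let len = declared as usize;
    if len > MAX_DISCOVERY_PAYLOAD {
        return Err(ParseError::LengthExceedsLimit { declared, limit: MAX_DISCOVERY_PAYLOAD });
    }
    let body = &buf[4..];
    if body.len() < len {
        return Err(ParseError::ShortPayload { declared, available: body.len() });
    }
    // Allocation happens only here, and never exceeds MAX_DISCOVERY_PAYLOAD.
    let mut payload = Vec::with_capacity(len);
    payload.extend_from_slice(&body[..len]);
    Ok(payload)
}
/// Build a length-prefixed frame; used to construct sample inputs.
pub fn encode(payload: &[u8]) -> Vec<u8> {
    let mut frame = (payload.len() as u32).to_be_bytes().to_vec();
    frame.extend_from_slice(payload);
    frame
}
fn main() {
    // Constructed inputs: a well-formed frame, then a 4-byte frame whose prefix
    // claims u32::MAX (just under 4 GiB) of payload while carrying none.
    println!("{:?}", decode_bounded(&encode(b"peer-list")));
    println!("{:?}", decode_bounded(&u32::MAX.to_be_bytes()));
}
```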
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v1.1.0
Vendor Advisory: https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-3v6r-9cr8-q433
Restart Required: Yes
Instructions:
1. Stop the Nimiq node service.
2. Update to v1.1.0 or later using your package manager or by downloading from the official repository.
3. Restart the node service.
4. Verify the version is v1.1.0 or higher.
🔧 Temporary Workarounds
No workarounds available
The vendor advisory states that no known workarounds exist for this vulnerability.
🧯 If You Can't Patch
- Implement network-level controls to filter or rate-limit incoming Discovery messages from untrusted sources.
- Monitor node memory usage and restart services automatically if memory exhaustion is detected.
🔍 How to Verify
Check if Vulnerable:
Check whether your Nimiq node version is below v1.1.0 by running the node with its version flag or by checking the installed package version.
Check Version:
Run nimiq-node --version, or check your package manager for the installed nimiq-core-rs-albatross version.
Verify Fix Applied:
Confirm the node is running v1.1.0 or later and monitor for abnormal memory allocation during Discovery message processing.
📡 Detection & Monitoring
Log Indicators:
- Memory exhaustion errors
- Node crash logs
- Abnormally large Discovery message processing logs
Network Indicators:
- Unusually large Discovery messages (over 1MB)
- Repeated large messages from single sources
SIEM Query:
source="nimiq.log" AND ("memory allocation" OR "out of memory" OR "Discovery message size")