CVE-2025-47270: CWE-400: Uncontrolled Resource Consumption in nimiq core-rs-albatross
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. The `nimiq-network-libp2p` subcrate of nimiq/core-rs-albatross is vulnerable to a Denial of Service (DoS) attack due to uncontrolled memory allocation. Specifically, the implementation of the `Discovery` network message handling allocates a buffer based on a length value provided by the peer, without enforcing an upper bound. Since this length is a `u32`, a peer can trigger allocations of up to 4 GB, potentially leading to memory exhaustion and node crashes. As Discovery messages are regularly exchanged for peer discovery, this vulnerability can be exploited repeatedly. The patch for this vulnerability is formally released as part of v1.1.0. The patch implements a limit to the discovery message size of 1 MB and also resizes the message buffer size incrementally as the data is read. No known workarounds are available.
AI Analysis
Technical Summary
CVE-2025-47270 is a high-severity vulnerability affecting the nimiq/core-rs-albatross project, which is a Rust implementation of the Nimiq Proof-of-Stake blockchain protocol using the Albatross consensus algorithm. The vulnerability resides in the nimiq-network-libp2p subcrate, specifically in the handling of Discovery network messages used for peer discovery. The flaw is an uncontrolled resource consumption issue (CWE-400) where the code allocates a buffer based on a length value provided by a peer without enforcing an upper bound. Since the length is a 32-bit unsigned integer, a malicious peer can request a buffer allocation up to 4 GB in size. This can lead to memory exhaustion on the targeted node, causing crashes or denial of service (DoS). Because Discovery messages are exchanged regularly to maintain peer connectivity, an attacker can repeatedly exploit this to disrupt node availability. The vulnerability affects all versions prior to 1.1.0. The patch released in version 1.1.0 mitigates the issue by capping the maximum Discovery message size to 1 MB and implementing incremental buffer resizing during data reads to prevent large, uncontrolled allocations. No workarounds are currently known, and no exploits have been reported in the wild yet. The CVSS v3.1 score is 7.5 (high), reflecting network attack vector, low attack complexity, no privileges or user interaction required, and impact limited to availability (denial of service).
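The allocation pattern the advisory describes, beside the shape of the v1.1.0 fix (a 1 MB cap plus incremental buffer growth), as an added Rust example that is not code from nimiq/core-rs-albatross: the 4-byte big-endian framing, the chunk size and the function names are assumptions; the 1 MB limit is the value the advisory states.

```rust
use std::io::{self, Read};

/// Hard cap on a single message, matching the 1 MB limit in the v1.1.0 fix.
pub const MAX_MESSAGE_LEN: u32 = 1024 * 1024;
/// Largest single growth step (assumed value); a peer that declares a big length
/// but sends little data never forces a big up-front allocation.
const CHUNK: usize = 16 * 1024;

/// Vulnerable shape: the peer's u32 length sizes the allocation directly, so a
/// declared length near u32::MAX reserves ~4 GB before any payload arrives.
pub fn read_message_unbounded<R: Read>(r: &mut R) -> io::Result<Vec<u8>> {
    let mut len = [0u8; 4];
    r.read_exact(&mut len)?;
    let mut buf = vec![0u8; u32::from_be_bytes(len) as usize]; // untrusted size
    r.read_exact(&mut buf)?;
    Ok(buf)
}

/// Hardened shape: reject over-limit lengths before allocating, then grow the
/// buffer only as bytes actually arrive.
pub fn read_message_bounded<R: Read>(r: &mut R, max_len: u32) -> io::Result<Vec<u8>> {
    let mut len = [0u8; 4];
    r.read_exact(&mut len)?;
    let total = u32::from_be_bytes(len);
    if total > max_len {
        let msg = format!("declared length {total} exceeds limit {max_len}");
        return Err(io::Error::new(io::ErrorKind::InvalidData, msg));
    }
    let total = total as usize;
    let mut buf = Vec::with_capacity(total.min(CHUNK));
    while buf.len() < total {
        let start = buf.len();
        buf.resize(start + (total - start).min(CHUNK), 0);
        let n = r.read(&mut buf[start..])?;
        if n == 0 {
            return Err(io::ErrorKind::UnexpectedEof.into());
        }
        buf.truncate(start + n); // keep only what was actually read
    }
    Ok(buf)
}

/// Frame a payload as a 4-byte big-endian length prefix plus body (test helper).
pub fn frame(payload: &[u8]) -> Vec<u8> {
    let mut out = (payload.len() as u32).to_be_bytes().to_vec();
    out.extend_from_slice(payload);
    out
}
```

The bounded reader fails a hostile length prefix with `InvalidData` before touching the allocator, and a body shorter than its declared length ends in `UnexpectedEof` rather than a partially filled oversized buffer.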
Potential Impact
For European organizations running nodes or infrastructure based on the nimiq/core-rs-albatross implementation, this vulnerability poses a significant risk of service disruption. A successful exploit can cause node crashes or unavailability, impacting blockchain network participation, transaction validation, and consensus operations. This can degrade the reliability and trustworthiness of services relying on Nimiq blockchain technology, including financial applications, decentralized services, or any critical infrastructure using this protocol. Since the attack requires no authentication or user interaction and can be launched remotely over the network, it lowers the barrier for attackers. Repeated exploitation could lead to sustained denial of service, affecting network stability and potentially causing cascading effects in dependent systems. Additionally, memory exhaustion attacks can increase operational costs due to resource overprovisioning or recovery efforts. Although no data confidentiality or integrity impacts are reported, availability degradation alone can have serious business and reputational consequences.
Mitigation Recommendations
European organizations should immediately upgrade all deployments of nimiq/core-rs-albatross to version 1.1.0 or later, where the vulnerability is patched. Since no workarounds exist, patching is the primary mitigation. Network-level protections can be implemented to limit exposure: deploying rate limiting and traffic filtering on Discovery message traffic to detect and block peers sending abnormally large or frequent messages can reduce attack surface. Monitoring memory usage and process stability of nodes can help detect exploitation attempts early. Organizations should also consider isolating blockchain nodes in segmented network zones with strict ingress controls to minimize exposure to untrusted peers. Regular vulnerability scanning and dependency management practices should be enforced to ensure timely updates. Finally, engaging with the Nimiq community and monitoring threat intelligence feeds for any emerging exploits or attack patterns will help maintain situational awareness.
Affected Countries
Germany, Netherlands, Switzerland, United Kingdom, France, Estonia
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-05-05T16:53:10.372Z
- CISA Enriched: true
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 682d9817c4522896dcbd7162
Added to database: 5/21/2025, 9:08:39 AM
Last enriched: 7/12/2025, 5:03:16 AM
Last updated: 8/1/2025, 9:57:27 AM