Bug 918582 (CVE-2023-37192)

Summary:	net-p2p/bitcoin-core: memory manipulation leading to transaction redirection
Product:	Gentoo Security	Reporter:	John Helmert III <ajak>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED INVALID
Severity:	minor	CC:	gentoo, proxy-maint
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://satoshihunter1.blogspot.com/2023/06/the-bitcoin-app-is-vulnerable-to-hackers.html
Whiteboard:	B3 [upstream]
Package list:		Runtime testing required:	---

Description John Helmert III archtester

2023-11-25 23:16:02 UTC

CVE-2023-37192:
https://www.youtube.com/watch?v=oEl4M1oZim0

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing.

No references to an upstream report, so this smells off to me.

Comment 1 Matt Whitlock 2023-11-26 02:03:00 UTC

1. The very first sentence of the overview mentions Windows, and the "attack" demo code uses Windows APIs.

2. This is stupid, as it amounts to "Anyone with privileges to open a handle to the Bitcoin process and manipulate process memory can overwrite bitcoin addresses in the Bitcoin process's memory." Pretty much a "no shit, Sherlock."

Comment 2 Matt Whitlock 2023-11-26 02:15:24 UTC

(I meant to offense the reporter. It's also possible that I am missing some crucial detail in the "exploit," as I only briefly glanced over it, having been predisposed to dismiss it by the "this smells off to me.")

Comment 3 John Helmert III archtester

2023-11-26 03:18:31 UTC

No objection from me.

Comment 4 Matt Whitlock 2023-11-26 03:42:13 UTC

Doh! I actually meant to say, "I meant no offense to the reporter." Yikes. Sorry about that.

Thank you, John.

Comment 5 John Helmert III archtester

2023-11-26 03:48:43 UTC

Hah, I understood what you meant :)