Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1oNGMzLTUyNzUtdnJtZ84AA5Cu

Nervos CKB Pool does not remove the conflicting transactions from the statistics

Impact

There's a bug in the pool statistics that when conflicting transactions are removed from the pool, they are not subtracted from the statics. Finally, the transaction pool keeps full and reject all transactions.

Patches

0.39.2

Workarounds

Restart the CKB node.

Permalink: https://github.com/advisories/GHSA-h4c3-5275-vrmg
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1oNGMzLTUyNzUtdnJtZ84AA5Cu
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 27 days ago
Updated: 27 days ago


Identifiers: GHSA-h4c3-5275-vrmg
References:

Affected Packages

cargo:ckb
Versions: < 0.39.2
Fixed in: 0.39.2