Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-v592-xf75-856p

GitHub Security Advisory

Erroneous Proof of Work calculation in geth

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

### Impact
An ethash mining DAG generation flaw in Geth could cause miners to erroneously calculate PoW in an upcoming epoch (estimated early January, 2021). This happened on the ETC chain on 2020-11-06. This issue is relevant only for miners, non-mining nodes are unaffected.

### Patches
This issue is also fixed as of 1.9.24. Thanks to @slavikus for bringing the issue to our attention and writing the fix.

### Workarounds
This PR implements a patch: https://github.com/ethereum/go-ethereum/pull/21793

### References
https://blog.ethereum.org/2020/11/12/geth_security_release/

### For more information
If you have any questions or comments about this advisory:
* Open an issue in [go-ethereum](https://github.com/ethereum/go-ethereum)
* Email us at [[email protected]](mailto:[email protected])

Affected Packages

Go github.com/ethereum/go-ethereum
Affected versions: 0 (fixed in 1.9.24)

Related CVEs

CVE-2020-26240

Key Information

GHSA ID
GHSA-v592-xf75-856p
Published
June 29, 2021 9:12 PM
Last Modified
January 30, 2025 2:39 PM
CVSS Score
5.0 /10
Primary Ecosystem
Go
Primary Package
github.com/ethereum/go-ethereum
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 13, 2025 6:28 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.