Nimiq Core-RS-Albatross RequestMacroChain Micro Block Locator Panic Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Nimiq Core-RS-Albatross implementation of the Proof-of-Stake protocol, specifically in versions through 1.2.2. The issue arises when an unauthenticated peer sends a RequestMacroChain message that includes a micro block hash as the first locator on the main chain. This triggers a panic in the message handler, as the system expects a macro block hash. The vulnerability has been patched in version 1.3.0.

Impact

Exploitation of this vulnerability causes a panic in the RequestMacroChain message handler, disrupting the handling of macro chain requests.

Reproduction

The vulnerability can be reproduced by sending a RequestMacroChain message with a micro block hash as the first locator hash on the recipient's main chain. The message will cause the handler to panic, as it attempts to process the micro block hash as a macro block, leading to a BlockchainError indicating the block is not a macro.

Remediation

Users can upgrade to Nimiq Core-RS-Albatross version 1.3.0 to address this vulnerability.
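The failure mode described above, and one defensive way to handle it, as an added example (not Nimiq's code and not the 1.3.0 patch). It is a simplified Rust model: `Chain`, `macro_blocks_after`, `handle_unchecked` and `handle_checked` are hypothetical names, and small integers stand in for block hashes and their order for chain height.

```rust
use std::collections::BTreeMap;

// Simplified model. All names are hypothetical, not Nimiq's API; a u64 stands
// in for a block hash and its numeric order stands in for chain height.
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum BlockKind { Macro, Micro }

#[derive(Debug, PartialEq)]
pub enum BlockchainError { BlockIsNotMacro, BlockNotFound }

pub struct Chain { pub main_chain: BTreeMap<u64, BlockKind> }

impl Chain {
    /// Macro blocks after `start`; an error if `start` is not a macro block.
    pub fn macro_blocks_after(&self, start: u64) -> Result<Vec<u64>, BlockchainError> {
        match self.main_chain.get(&start) {
            None => Err(BlockchainError::BlockNotFound),
            Some(BlockKind::Micro) => Err(BlockchainError::BlockIsNotMacro),
            Some(BlockKind::Macro) => Ok(self.main_chain.range(start..).skip(1)
                .filter(|(_, k)| **k == BlockKind::Macro).map(|(h, _)| *h).collect()),
        }
    }
}

/// First peer-supplied locator that is on the main chain (macro or micro).
fn first_known(chain: &Chain, locators: &[u64]) -> Option<u64> {
    locators.iter().copied().find(|h| chain.main_chain.contains_key(h))
}

/// Unsafe pattern: trusts that the locator is a macro block.
pub fn handle_unchecked(chain: &Chain, locators: &[u64]) -> Option<Vec<u64>> {
    let start = first_known(chain, locators)?;
    Some(chain.macro_blocks_after(start).unwrap()) // panics on a micro block
}

/// Hardened pattern: a non-macro locator gets no chain in reply, not a panic.
pub fn handle_checked(chain: &Chain, locators: &[u64]) -> Option<Vec<u64>> {
    let start = first_known(chain, locators)?;
    chain.macro_blocks_after(start).ok()
}

/// Constructed sample chain: hashes 0 and 4 are macro blocks, 1 to 3 micro.
pub fn sample_chain() -> Chain {
    let kinds = [BlockKind::Macro, BlockKind::Micro, BlockKind::Micro, BlockKind::Micro, BlockKind::Macro];
    Chain { main_chain: kinds.iter().enumerate().map(|(i, k)| (i as u64, *k)).collect() }
}

fn main() {
    // A micro block locator (hash 2) yields None instead of crashing the handler.
    println!("{:?}", handle_checked(&sample_chain(), &[2]));
}
```

The general point is that a value taken from a peer message should never reach `unwrap()` or `expect()` in a network handler; the error is returned or mapped to an empty reply.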

Added: Apr 14, 2026, 12:18 AM
Updated: Apr 14, 2026, 12:18 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 8.4
remediation: 0.0
relevance: 5.9
threat: 4.8
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.