State transition and consensus issue in geth client causes panic (crash) when processing a (valid) block with a specific combination of transactions, which may cause overall network instability if block is accepted and relayed by unaffected clients thus causing a DoS. This may happen in a block that contains transactions which suicide to the block reward address.
Affected configurations: Issue reported for Geth.While investigating the issue, related issues were discovered and corrected in pyethereum, hence pyethapp is also affected. C++ clients are unaffected.
Likelihood: Low
Severity: High
Complexity: High
Impact: Network Instability and DoS
Details: A block containing a specific combination of transactions which include one or more SUICIDE calls, while valid, causes panic crash in go-ethereum client and crash in pyethereum. Additional details may be posted when available.
Effects on expected chain reorganisation depth: None.
Remedial action taken by Ethereum: Provision of fixes as below.
Proposed temporary workaround: Switch to unaffected client such as eth (C++).
Fix:Upgrade geth and pyethereum client software.
go-ethereum (geth):
Please note that the current stable version of geth is now 1.1.1; if you are running 1.0 and using a package manager such as apt-get or homebrew the client will be upgraded.
If using the PPA: sudo apt-get update then sudo apt-get upgrade
If using brew: brew update then brew reinstall ethereum
If using a windows binary: download the updated binary.
If you are building from source: git pull followed by make geth (please use the Master branch commit 8f09242d7f527972acb1a8b2a61c9f55000e955d)
The correct version for this update on Ubuntu AND OSX is Geth/v1.1.1-8f09242d
pyethereum:
Users of pyethapp should reinstall
> pip install pyethapp –force-reinstall
