Nixpkgs security tracker

Untriaged

Permalink CVE-2026-22862

created 3 months ago

go-ethereum has a DoS via malicious p2p message

go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.16.8.

References

https://github.com/ethereum/go-ethereum/security/advisories/GHSA-mr7q-c9w9-wh4h x_refsource_CONFIRM
https://github.com/ethereum/go-ethereum/commit/abeb78c647e354ed922726a1d719ac7bc64a07e2 x_refsource_MISC

Affected products

go-ethereum

==< 1.16.8

Matching in nixpkgs

pkgs.go-ethereum

Official golang implementation of the Ethereum protocol

nixos-unstable 1.16.1
- nixpkgs-unstable 1.16.1
- nixos-unstable-small 1.16.1
nixos-25.11 1.16.5
- nixpkgs-25.11-darwin 1.16.5

Package maintainers

@asymmetric Lorenzo Manacorda <lorenzo@mailbox.org>
@RaghavSood Raghav Sood <r@raghavsood.com>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.go-ethereum

Package maintainers