CVE-2024-52919: 
Bitcoin Core vulnerability analysis and mitigation

CVE-2024-52919 affects Bitcoin Core versions before 22.0. The vulnerability involves a CAddrMan nIdCount integer overflow that can result in an assertion failure and daemon exit when exploited through a flood of addr messages (Bitcoin Core). The vulnerability was discovered by Eugene Siegel and was fixed in September 2021 with the release of Bitcoin Core version 22.0 (Bitcoin Core).

The vulnerability stems from a 32-bit nIdCount field in CAddrMan that is incremented on every insertion into addrman. When this counter reaches 2^32 entries through addr message flooding, the identifier overflows, triggering an assertion failure that crashes the daemon. The vulnerability has been assigned a CVSS base score of 6.5 MEDIUM (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) by CISA-ADP (NVD).

When successfully exploited, the vulnerability causes the Bitcoin Core daemon to crash through an assertion failure, effectively creating a denial of service condition. This can disrupt the normal operation of Bitcoin nodes running vulnerable versions of the software (Bitcoin Core).

The vulnerability was fixed in Bitcoin Core version 22.0, released on September 13, 2021. Users running affected versions should upgrade to Bitcoin Core 22.0 or later to mitigate this vulnerability (Bitcoin Core).