CVE-2025-24883: 
Ethereum Geth vulnerability analysis and mitigation

CVE-2025-24883 affects go-ethereum (geth), a golang execution layer implementation of the Ethereum protocol. The vulnerability was disclosed on January 30, 2025, and affects versions 1.14.0 through 1.14.13. A vulnerable node can be forced to shutdown or crash using a specially crafted message (GitHub Advisory).

The vulnerability has been assigned a CVSS v4.0 base score of 8.7 (HIGH) with the vector string CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N, indicating that it is a network-accessible vulnerability requiring no privileges or user interaction to exploit, primarily affecting system availability (NVD).

The primary impact of this vulnerability is the potential for denial of service attacks against Ethereum nodes. An attacker can force vulnerable nodes to shutdown or crash, disrupting network operations and potentially affecting the availability of Ethereum network services (GitHub Advisory).

The vulnerability has been fixed in go-ethereum version 1.14.13. Unfortunately, no workarounds are available for users who cannot immediately upgrade. Users are strongly advised to upgrade to version 1.14.13 or later to protect against this vulnerability (GitHub Advisory).