New Parity Update Fixes a Vulnerability Present in Some ETH Nodes
Blockchain software development firm Parity released an update for its Ethereum (ETH) node software which fixes a vulnerability present in some instances.
Remote node crashing vulnerability
In a blog post published on Aug. 29, Parity announced the release of an update for its Ethereum node software fixing the Remote Procedure Call (RPC) vulnerability. Per the announcement, nodes running Parity’s software with manually enabled public-facing RPC could be remotely crashed with a specially constructed RPC call.
The team suspects that nodes with manually enabled tracing may also be vulnerable to the exploit. The author of the post points out that not all of the nodes running the company’s software are vulnerable:
“This means that primarily only public infrastructure setups are exposed. Regular users who have not changed these node setting are not impacted.”
Most nodes probably unaffected
While Parity expects most of the nodes running its software not to be affected, the company still recommends that everyone running Parity Ethereum nodes update to this latest version. The company claims to have received the bug report yesterday afternoon, from Scott Bigelow at blockchain startup Amberdata.
As Cointelegraph reported yesterday, Parity is delaying the Ethereum core devs’ planned hard fork until Sept. 6.