zebrad has mempool transaction admission denial via single-peer inbound queue saturation

描述

Am I affected

You are affected if:

  1. You run zebrad up to and including v4.4.1.
  2. Your node accepts inbound P2P connections (network.listen_addr is set, which is the default).
  3. Your node's mempool is active (node is synced near the chain tip).

All default configurations are affected.

Summary

A single unauthenticated P2P peer can monopolize all 25 inbound mempool download/verification slots (MAX_INBOUND_CONCURRENCY) by advertising fake transaction IDs. While the slots are occupied, all other inbound transactions from honest peers and local RPC sendrawtransaction calls are rejected with MempoolError::FullQueue. The attacker peer is never scored for misbehavior and is not disconnected, allowing sustained denial of mempool admission.

Details

The mempool download/verification pipeline at zebrad/src/components/mempool/downloads.rs uses a single bounded pool of 25 concurrent tasks. Three architectural gaps combine to produce the vulnerability:

  1. No per-peer accounting: the 25 slots are shared across all peers with no cap on how many a single peer can hold.
  2. No overload signaling: when FullQueue is returned, the inbound service at zebrad/src/components/inbound.rs maps it to Response::Nil, hiding the overload from the peer connection layer. The existing handle_inbound_overload disconnection logic never fires.
  3. No misbehavior attribution: peer identity is not carried through the Gossip type into the download pipeline, so verification failures cannot be attributed to the originating peer.

The attacker sends inv messages advertising fake transaction IDs. Zebra queues download tasks for each ID. The attacker stays silent; each slot is held until the TRANSACTION_DOWNLOAD_TIMEOUT (20 seconds) fires. The attacker periodically sends fresh inv waves to re-fill slots as they expire.

Two additional slot-holding techniques have been independently demonstrated: invalid-prevout transactions that park in AwaitOutput for 60 seconds, and expensive shielded proof verification with auth-variant cache bypass. All three techniques are addressed by the same per-peer accounting fix.

Patches

zebrad 4.5.0

The fix adds per-peer queue accounting to the mempool download pipeline. A single peer is limited to a fraction of MAX_INBOUND_CONCURRENCY (e.g., 5 slots out of 25). FullQueue is surfaced as an overload signal to the peer connection layer. Peer identity is plumbed through the Gossip type for misbehavior attribution.

Workarounds

There is no complete configuration-level workaround. Reducing network.peerset_initial_target_size limits the total inbound peer count but does not prevent a single peer from holding all mempool slots.

Impact

Mempool transaction admission is denied for all honest peers and local RPC clients while the attack is sustained. Block validation and chain synchronization continue normally. The attacker needs only one TCP connection and minimal bandwidth (~1 KB/s of fake inv messages). The node recovers immediately when the attacker stops. This does not affect consensus, funds, or on-disk state.

Credit

Reported by @dingledropper via a private GitHub Security Advisory submission.

基本資訊

類型
reviewed
嚴重度
medium
GitHub 上的公告
開啟公告 ↗
儲存庫公告
開啟儲存庫公告 ↗
原始碼
瀏覽原始碼 ↗
公開(公告)
2026-07-02 19:39:02 UTC
更新時間
2026-07-02 19:39:02 UTC
GitHub 審核
2026-07-02 19:39:02 UTC

EPSS Score

No EPSS score in this advisory JSON.

CVSS Scores

Base score Version Severity Vector
5.3 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 點擊展開
攻擊向量 (AV:N)
可經網際網路或企業內可路由網段從遠端觸達,攻擊者不必在裝置旁邊。
攻擊複雜度 (AC:L)
前置條件清楚,成功路徑穩定,不必仰賴罕見競態或極端環境。
權限需求 (PR:N)
不必事先登入或提權,匿名工作階段也可能成為跳板。
使用者互動 (UI:N)
不必受害者點連結、放行巨集或安裝軟體,攻擊鏈可自動走完。
作用域 (S:U)
破壞局限在脆弱元件原本的安全權限與信任域之內。
機密性影響 (C:N)
幾乎談不上實質的敏感資料外洩。
完整性影響 (I:N)
對紀錄真實性與不可否認性的破壞可忽略。
可用性影響 (A:L)
出現明顯延遲、間歇性故障或局部功能不可用,但可用維運手段緩解。

Identifiers

CWEs

CWE id Name
CWE-770 Allocation of Resources Without Limits or Throttling

Credits

  • dingledropper (reporter)
  • mpguerra (coordinator)
  • oxarbitrage (remediation_reviewer)

Affected packages (1)

Vulnerable version ranges and first patched releases as published by GitHub.

Ecosystem Package Vulnerable range First patched Vulnerable functions
rust zebrad <= 4.4.1 4.5.0

References

cvelogic Threat Intelligence