{"id":"GO-2024-2943","summary":"Lightning Network Daemon (LND)'s onion processing logic leads to a denial of service in github.com/lightningnetwork/lnd","details":"Lightning Network Daemon (LND)'s onion processing logic leads to a denial of service in github.com/lightningnetwork/lnd","aliases":["CVE-2024-38359","GHSA-9gxx-58q6-42p7"],"modified":"2026-03-17T04:49:13.224936Z","published":"2024-07-01T19:59:12Z","database_specific":{"url":"https://pkg.go.dev/vuln/GO-2024-2943","review_status":"UNREVIEWED"},"references":[{"type":"ADVISORY","url":"https://github.com/lightningnetwork/lnd/security/advisories/GHSA-9gxx-58q6-42p7"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38359"},{"type":"WEB","url":"https://delvingbitcoin.org/t/dos-disclosure-lnd-onion-bomb/979"},{"type":"WEB","url":"https://github.com/lightningnetwork/lnd/releases/tag/v0.17.0-beta"},{"type":"WEB","url":"https://lightning.network"},{"type":"WEB","url":"https://morehouse.github.io/lightning/lnd-onion-bomb"}],"affected":[{"package":{"name":"github.com/lightningnetwork/lnd","ecosystem":"Go","purl":"pkg:golang/github.com/lightningnetwork/lnd"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.17.0-beta"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2024-2943.json"}}],"schema_version":"1.7.5"}