NRDAX
Submit

← registry

NRDAX-T0056 - Duplicate Input Validation-Bypass Crash

consensus_abuse · active · first seen 2026-07-08

provenance: Reproduced in NullRabbit's attack-reproduction pipeline

mechanism

CVE-2018-17144: a block whose tx spends one outpoint twice (duplicate inputs); the 0.14 pre-relay optimization (PR#9049) skipped the duplicate-input check → assert(!coin.IsNull()) crash (0.14.x) / sup

instances (1)

chainprimitivefidelityoriginreproducer (bundle)source
bitcoin bitcoin_dup_input_crash lab reverse-engineered-cve bitcoin_dup_input_crash bitcoincore.org ↗

references

vendor-advisory: GHPR-anza-xyz-agave-13608

related (consensus_abuse)

cite

https://nrdax.com/techniques/NRDAX-T0056

plain

NRDAX Registry. Technique NRDAX-T0056.

bibtex
@misc{nrdax_NRDAX_T0056,
  title = {Duplicate Input Validation-Bypass Crash (NRDAX-T0056)},
  howpublished = {NRDAX Registry},
  url = {https://nrdax.com/techniques/NRDAX-T0056},
}
json (csl)
{
  "id": "nrdax-NRDAX-T0056",
  "type": "dataset",
  "title": "Duplicate Input Validation-Bypass Crash (NRDAX-T0056)",
  "URL": "https://nrdax.com/techniques/NRDAX-T0056",
  "publisher": "NRDAX Registry"
}