NRDAX
Submit

← registry

NRDAX-T0101 - Handshake Crypto Validation Bypass Crash

compute_amp · active · first seen 2026-07-07

provenance: Reproduced in NullRabbit's attack-reproduction pipeline

mechanism

CVE-2025-24883: RLPx auth with an all-zero (off-curve) EC pubkey - geth <1.14.13 skips the secp256k1 point-validity check → handshake crypto crash (fixed 159fb1a)

instances (1)

chainprimitivefidelityoriginreproducer (bundle)source
ethereum geth_auth_zero_pubkey lab reverse-engineered-cve geth_auth_zero_pubkey https://github.com/ethereum/go-ethereum/security/advisories/GHSA-q26p-9cq4-7fc2 ↗

related (compute_amp)

cite

https://nrdax.com/techniques/NRDAX-T0101

plain

NRDAX Registry. Technique NRDAX-T0101.

bibtex
@misc{nrdax_NRDAX_T0101,
  title = {Handshake Crypto Validation Bypass Crash (NRDAX-T0101)},
  howpublished = {NRDAX Registry},
  url = {https://nrdax.com/techniques/NRDAX-T0101},
}
json (csl)
{
  "id": "nrdax-NRDAX-T0101",
  "type": "dataset",
  "title": "Handshake Crypto Validation Bypass Crash (NRDAX-T0101)",
  "URL": "https://nrdax.com/techniques/NRDAX-T0101",
  "publisher": "NRDAX Registry"
}