Geth or Go Ethereum is one of the most popular Ethereum implementations for the Ethereum protocol. The software client has recently received a hotfix to a high-severity security issue in its code.
Hades Gamma (v1.10.8) is the name of the release. Details regarding the attack vectors and their fixes are not disclosed as of now. This was so as “to give node operators and dependent downstream projects time to update their nodes and software.”, according to a posting on the release page.
Who discovered this anomaly in the code? The credit goes to Guido Vranken, who is a software developer specializing in code vulnerabilities. He discovered the bug on 18th August.
As stated in an early GitHub security advisory post, the vulnerability in Geth can cause a node to no longer process blocks on Ethereum protocol.
According to reports by Ethernodes.org, nearly 75% of nodes on Ethereum run Geth. To avoid any potential disruptions, users are encouraged to upgrade their version of Geth, v1.10.8. Moreover, the Geth developer community is ensuring that nodes upgrade their clients to the latest version. This is to avoid the potential consensus failure that happened in November last year.
However, Geth developers emphasized in advance that the users should upgrade their software to the latest version. On a side note, the developers did not explicitly describe the nature of the vulnerability in their initial announcement on 18th August.
Regarding the software update, Geth developer Péter Szilágyi tweeted:
“Last time we did a hotfix, people were angry that we didn’t announce it. So this time, we decided to try it differently. Let’s see which works better.”