Malicious ScriptSig in signed transaction #14
tsusanka
announced in
Past Security Issues
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Detail
A specially crafted transaction could trigger a buffer overflow and extract the private key. Local interaction with the knowledge of PIN and passphrase was required.
Fix
trezor/trezor-firmware@524f2a9
Beta Was this translation helpful? Give feedback.
All reactions