[28.x] validation: correct lifetime of precomputed tx data #35213

pull darosior wants to merge 1 commits into bitcoin:28.x from darosior:2605_cleanup_CVE-2024-52911_v28 changing 1 files +1 −1

darosior commented at 12:28 PM on May 5, 2026: member

This backports #35209 to the version 28 branch.

validation: correct lifetime of precomputed tx data

This makes sure `txsdata` always outlives the Script check queue (since local
objects are destructed in reverse order of construction).

This is the root cause for a security vulnerability reported by Cory Fields in
2024 that could be exploited by crafting an invalid block to cause nodes to
read freed memory. The vulnerability was covertly fixed in commit
`492e1f09943fcb6145c21d470299305a19e17d8b`.

See security advisory for CVE-2024-52911 for more details.

Github-Pull: #35209
Rebased-From: 1ed799fb21db51a12cbd5579420a61b9b5b3ee7d

076629a3c1

DrahtBot added the label Backport on May 5, 2026
DrahtBot commented at 12:28 PM on May 5, 2026: contributor



The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.



Code Coverage & Benchmarks

For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/35213.



Reviews

See the guideline for information on the review process.

Type Reviewers

ACK achow101

If your review is incorrectly listed, please copy-paste <code></code> into the comment that the bot should ignore.
achow101 commented at 9:15 AM on May 6, 2026: member

ACK 076629a3c19ceb779ddc251183c09807327efd3d
achow101 merged this on May 6, 2026
achow101 closed this on May 6, 2026
darosior deleted the branch on May 6, 2026

Type	Reviewers
ACK	achow101

Contributors

Labels

Linked (view graph)

#35209 validation: correct lifetime of precomputed tx data

[28.x] validation: correct lifetime of precomputed tx data #35213

Code Coverage & Benchmarks

Reviews