cvedb.io
CVE-2022-35913
MEDIUM · CVSS 4.3
EPSS exploitation probability: 0%
Published 2022-09-06T23:15:08.537 · Last modified 2026-06-17T04:52:30.490

Summary

Samourai Wallet Stonewallx2 0.99.98e allows a denial of service via a P2P coinjoin. The attacker and victim must follow each other's paynym. Then, the victim must try to collaborate with the attacker for a Stonewallx2 transaction. Next, the attacker broadcasts a tx, spending the inputs used in Stonewallx2 before the victim can broadcast the collaborative transaction. The attacker does not signal opt in RBF, and uses the lowest fee rate. This would result in the victim being unable to perform Stonewallx2. (Note that the attacker could use multiple paynyms.)

Affected products

kayako — samourai

Does this affect you?

Add your gear to cvedb and we'll alert you only when kayako ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.