Bitcoin Inventory Out-of-Memory Denial-of-Service Attack

Bitcoin Inventory Out-of-Memory Denial-of-Service Attack
CVE-2018-17145

There was an easily exploitable uncontrolled memory resource consumption denial-of-service vulnerability that existed in the peer-to-peer network code of three implementations of Bitcoin and several alternative chains.

Q&A
What Bitcoin implementations were affected?
Bitcoin Core, Bcoin and Btcd.

Were there any alternative chains affected?
Yes. To our knowledge both Litecoin and Namecoin follow Bitcoin Core code closely and had pulled in the vulnerable code. Decred is based on Btcd which was also vulnerable. We have done our best to check as many implementations as possible.

Am I vulnerable to the attack?
Probably not, the vulnerability has been patched in Bitcoin Core for over two years. However, you are vulnerable to denial-of-service if you're running older software such as:

Bitcoin Core v0.16.0 or v0.16.1
Bitcoin Knots v0.16.0
Bcoin v1.0.0-pre and earlier
Btcd v0.20.1-beta and earlier
Litecoin Core v0.16.0
Namecoin Core v0.16.1
Dcrd v1.5.1 and earlier
How can I protect myself?
You are likely already protected. Otherwise, make sure to upgrade:

Bitcoin Core v0.16.2 and later
Bitcoin Knots v0.16.2 and later
Bcoin v1.0.2 and later
Btcd v0.21.0-beta and later
Litecoin Core v0.16.2 and later
Namecoin v0.16.2 and later
Dcrd v1.5.2 and later
Who is capable of mounting this attack?
Anyone with an internet and peer-to-peer connection.

Can this vulnerability be used to steal bitcoin?
Not likely, however it's possible that Lightning Network funds could be at risk if a watchtower or node fails due to a denial-of-service attack. There could then be a failure to counter, within time, a hostile Lightning peer closing a channel.

Can this vulnerability affect consensus?
Not likely, however in some exceptional situations it could influence consensus. The attack could be used to give an advantage to one side of a chain fork or mining hash war. Nodes could be attacked in an attempt to partition the network, in such a case there could be deep chain reorganizations as miners have difficulty propagating blocks across the network. This could cause issues for commerce and trade as block confirmation counts would need to be increased to prevent double-spends.

What is the result of the attack?
A hostile peer can cause another peer to be unable to function, this is known as a denial-of-service. This attack causes the memory of the process to grow endlessly. This will crash the process and potentially freeze the process and computer until the process is terminated.

Could this attack shutdown an entire network?
Yes if 100% of nodes in the network were vulnerable and there were no alternative versions or implementations available that did not have the vulnerability. A fixed version would need to be released to restore the network functionality. For the Bitcoin network there have only been two vulnerabilities that have lead to such downtime events, and there hasn't been one since 2013.

How is the attack performed?
A hostile peer floods another peer with many inv messages for non-existent transactions using random hashes.

Has this been exploited in the wild?
Not as far as we know.