Merge #1147: advisories: Elaborate on bug category descriptions

f8aa94d advisories: Elaborate on bug category descriptions (dergoegge)

Pull request description:

  The current severity category descriptions are more vague than necessary, especially now that we have a solid list of published advisories.

  This PR expands and clarifies the categories to better distinguish them and set clearer expectations, using examples from existing advisories where applicable.

Top commit has no ACKs.

Tree-SHA512: 48fb66b4399da0091077e50c433daff80ff9bdd0d812d366ede86233911d894576a2cfff1c9f8c4bd2e8a04f9ce01dd7826a322f777d9595122accf0302f8c72

Author: fanquake

_posts/en/pages/2024-06-26-security-advisories.md

@@ -20,14 +20,74 @@ All vulnerabilities should be reported to [email protected] (see
 details). When reported, a vulnerability will be assigned a severity category.
 We differentiate between 4 classes of vulnerabilities:
 
-* **Low**: bugs which are hard to exploit or have a low impact. For instance
-  a wallet bug which requires access to the victim's machine.
+### Critical
 
-* **Medium**: bugs with limited impact. For instance a local network remote crash.
+Bugs that threaten the fundamental security and integrity of the entire Bitcoin
+network. These are bugs that allow for coin theft at the protocol level, the
+creation of coins outside of the specified issuance schedule, or permanent,
+network-wide chain splits.
 
-* **High**: bugs with significant impact. For instance a remote crash, or a local network RCE.
+Examples:
+* A bug allowing inflating the money supply by spending the same transaction
+  output twice within a block ([CVE-2018-17144](/en/2018/09/20/notice/)).
+* A consensus failure where nodes running older software rejected a block that
+  newer software accepted due to an underlying database limit, causing a
+  network-wide chain split ([BIP
+  50](https://github.com/bitcoin/bips/blob/master/bip-0050.mediawiki)).
 
-* **Critical**: bugs which threaten the whole network's integrity. For instance an inflation or coin theft bug.
+### High
+
+Bugs with a significant impact on affected nodes or the network. These are
+typically exploitable remotely under default configurations and can cause
+widespread disruption.
+
+Examples:
+* A remotely triggerable crash that could take many nodes offline
+  ([CVE-2024-35202](/en/2024/10/08/disclose-blocktxn-crash/)).
+* A denial-of-service attack that causes a node to stall for an extended
+  period, preventing it from processing new transactions and blocks
+  ([CVE-2024-52914](/en/2024/07/03/disclose-orphan-dos/)).
+* A memory exhaustion vulnerability that could be triggered remotely to crash
+  nodes by having them store an excessive amount of block headers
+  ([CVE-2019-25220](/en/2024/09/18/disclose-headers-oom/)).
+
+### Medium
+
+Bugs that can noticeably degrade the network's or a node's performance or
+functionality, but are limited in their scope or exploitability. These might
+require special conditions to trigger, such as non-default settings, or result
+in service degradation rather than a complete node failure.
+
+Examples:
+* A potential Remote Code Execution (RCE) vulnerability on the local network
+  that is only exploitable if a non-default feature like UPnP is enabled
+  ([CVE-2015-20111](/en/2024/07/03/disclose_upnp_rce/)).
+* A peer could hinder block propagation by sending mutated blocks, delaying the
+  reception of new blocks for a node
+  ([CVE-2024-52921](/en/2024/10/08/disclose-mutated-blocks-hindering-propagation/)).
+* An attacker announcing a block to a node and then failing to provide it,
+  causing the victim node to wait for up to 10 minutes before being able to
+  fetch it from another peer
+  ([CVE-2024-52922](/en/2024/11/05/cb-stall-hindering-propagation/)).
+
+### Low
+
+Bugs that are challenging to exploit or have a minor impact on a node's
+operation. They might only be triggerable under non-default configurations or
+from the local network, and do not pose an immediate or widespread threat.
+
+Examples:
+* A malformed `getdata` message could cause a peer connection to enter an
+  infinite loop, consuming CPU but not affecting the node's ability to process
+  blocks or handle other peer connections
+  ([CVE-2024-52920](/en/2024/07/03/disclose-getdata-cpu/)).
+* A bug in a dependency that could crash a node, but only if a non-default
+  feature like UPnP is enabled
+  ([CVE-2024-52917](/en/2024/07/31/disclose-upnp-oom/)).
+* A bug that could crash a node, but is extremely difficult to exploit
+  ([CVE-2024-52919](/en/2025/04/28/disclose-cve-2024-52919/)).
+
+---
 
 **Low** severity bugs will be disclosed 2 weeks after a fixed version exists on the current major release branch.
   A pre-announcement will be made at the same time as the release.