CVE-2012-5573

Name of the Vulnerable Software and Affected Versions Tor versions prior to 0.2.3.25

Description The issue allows remote attackers to potentially cause a denial of service or bypass flow-control restrictions. This could lead to memory consumption or an excessive cell reception rate via a RELAY COMMAND SENDME command. The connection edge process relay cell function in or/relay.c is involved in this issue.

Recommendations For versions prior to 0.2.3.25, update to version 0.2.3.25 or later to resolve the issue. As a temporary workaround, consider restricting the reception rate of RELAY COMMAND SENDME commands to minimize the risk of exploitation.