CVE-2013-7295

Name of the Vulnerable Software and Affected Versions Tor versions prior to 0.2.4.20

Description The issue affects Tor when used with OpenSSL 1.x and a specific HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms. It does not properly generate random numbers for relay identity keys and hidden-service identity keys. This could make it easier for remote attackers to bypass cryptographic protection mechanisms.

Recommendations For Tor versions prior to 0.2.4.20, update to version 0.2.4.20 or later to resolve the issue. As a temporary workaround, consider disabling the HardwareAccel setting on affected platforms until a patch is applied. Restrict access to relay and hidden services to minimize the risk of exploitation. Avoid using the affected Tor versions on Intel Sandy Bridge and Ivy Bridge platforms with the specific HardwareAccel setting until the issue is resolved.