PT-2018-8856 · Tor+1 · Tor+1

Publicado

2017-04-28

Atualizado

2024-06-15

CVE-2018-0490

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Tor versions prior to 0.2.9.15 Tor versions 0.3.1.x prior to 0.3.1.10 Tor versions 0.3.2.x prior to 0.3.2.10

Description The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and directory-authority crash. This is achieved via a misformatted relay descriptor that is mishandled during voting.

Recommendations For Tor versions prior to 0.2.9.15, update to version 0.2.9.15 or later. For Tor versions 0.3.1.x prior to 0.3.1.10, update to version 0.3.1.10 or later. For Tor versions 0.3.2.x prior to 0.3.2.10, update to version 0.3.2.10 or later.

Correção

DoS

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

ALT-PU-2017-1539

ALT-PU-2018-1419

CVE-2018-0490

DSA-4183-1

MGASA-2018-0161

OPENSUSE-SU-2018:0614-1

OPENSUSE-SU-2018:0620-1

OPENSUSE-SU-2024:11469-1

Produtos afetados

Alt Linux

Tor

PT-2018-8856 · Tor+1 · Tor+1

CVE-2018-0490

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 50