PT-2019-19281 · Tor+4 · Tor+4

Publicado

2019-02-21

·

Atualizado

2024-06-15

·

CVE-2019-8955

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Tor versions prior to 0.3.3.12 Tor versions 0.3.4.x prior to 0.3.4.11 Tor versions 0.3.5.x prior to 0.3.5.8 Tor versions 0.4.x prior to 0.4.0.2-alpha
Description The issue allows for remote denial of service against Tor clients and relays due to memory exhaustion in the KIST cell scheduler.
Recommendations For Tor versions prior to 0.3.3.12, update to version 0.3.3.12 or later. For Tor versions 0.3.4.x prior to 0.3.4.11, update to version 0.3.4.11 or later. For Tor versions 0.3.5.x prior to 0.3.5.8, update to version 0.3.5.8 or later. For Tor versions 0.4.x prior to 0.4.0.2-alpha, update to version 0.4.0.2-alpha or later.

Correção

DoS

Allocation of Resources Without Limits

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-770

Identificadores relacionados

ALT-PU-2019-1291
CVE-2019-8955
OPENSUSE-SU-2019:1107-1
OPENSUSE-SU-2019_1107-1
OPENSUSE-SU-2024:11469-1
USN-5036-1

Produtos afetados

Alt Linux
Linuxmint
Suse
Tor
Ubuntu