CVE-2012-3518

Name of the Vulnerable Software and Affected Versions Tor versions prior to 0.2.2.38

Description The issue is related to the networkstatus parse vote from string function in routerparse.c, which does not properly handle an invalid flavor name. This allows remote attackers to cause a denial of service, resulting in an out-of-bounds read and daemon crash, via a crafted vote document or consensus document.

Recommendations For versions prior to 0.2.2.38, update to version 0.2.2.38 or later to resolve the issue. As a temporary workaround, consider restricting access to the networkstatus parse vote from string function until a patch is available.