PT-2017-10551 · Tor+1 · Tor+1
Published
2017-06-08
·
Updated
2024-06-15
·
CVE-2017-0375
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Tor versions prior to 0.3.0.8
Description
The issue allows for a denial of service, resulting in an assertion failure and daemon exit. This occurs in the
relay send end cell from edge function when a malformed BEGIN cell is received.Recommendations
For versions prior to 0.3.0.8, update to version 0.3.0.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the hidden-service feature until a patch is applied.
Fix
DoS
Assertion Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Tor