CVE-2017-11565

Name of the Vulnerable Software and Affected Versions Tor version 0.2.9.11-1~deb9u1

Description The issue is related to the debian/tor.init script in the Tor package, which was designed to execute aa-exec from the standard system pathname if the apparmor package is installed. However, the script implements this incorrectly, assuming the specific pathname would remain the same forever. This allows attackers to bypass intended AppArmor restrictions by leveraging the silent loss of this protection mechanism. The issue does not affect systems where Tor startup relies on a systemd unit file, such as default Debian stretch installations.

Recommendations For Tor version 0.2.9.11-1~deb9u1, consider disabling the execution of aa-exec from the standard system pathname until a corrected version of the tor.init script is available. As a temporary workaround, restrict access to the vulnerable script to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.