
Re: [tor-bugs] #33120 [Core Tor/Tor]: Resolve TROVE-2020-002



#33120: Resolve TROVE-2020-002
-------------------------------------------------+-------------------------
 Reporter:  nickm                                |          Owner:  nickm
     Type:  defect                               |         Status:  closed
 Priority:  High                                 |      Milestone:  Tor:
                                                 |  0.4.3.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:  fixed
 Keywords:  043-must 035-backport 041-backport   |  Actual Points:  3
  042-backport                                   |
Parent ID:                                       |         Points:  1
 Reviewer:  ahf, asn, catalyst                   |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by nickm):

 * keywords:  043-must => 043-must 035-backport 041-backport 042-backport
 * status:  needs_review => closed
 * resolution:   => fixed
 * actualpoints:   => 3


Old description:



New description:

 This is the description I posted in the changelog:
 {{{
   TROVE-2020-002 is a vulnerability affecting
   all released Tor instances since 0.2.1.5-alpha. Using this
   vulnerability, an attacker could cause Tor instances to consume a huge
   amount of CPU, disrupting their operations for several seconds or
   minutes. This attack could be launched by anybody against a relay, or
   by a directory cache against any client that had connected to it. The
   attacker could launch this attack as much as they wanted, thereby
   disrupting service or creating patterns that could aid in traffic
   analysis. This issue was found by OSS-Fuzz, and is also tracked
   as CVE-2020-10592.
 }}}

 I will post a more detailed analysis in a week or so.

 This issue is fixed in today's Tor releases: 0.3.5.10, 0.4.1.9, 0.4.2.7,
 and 0.4.3.3-alpha.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33120#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online