#24245: Fix TROVE-2017-010: Remote DoS attack against directory authorities
----------------------------+------------------------------------
 Reporter:  nickm           |          Owner:  nickm
     Type:  defect          |         Status:  closed
 Priority:  Medium          |      Milestone:  Tor: 0.2.9.x-final
Component:  Core Tor/Tor    |        Version:
 Severity:  Normal          |     Resolution:  fixed
 Keywords:  trove-2017-010  |  Actual Points:
Parent ID:                  |         Points:
 Reviewer:                  |        Sponsor:
----------------------------+------------------------------------
Changes (by nickm):

 * status:  accepted => closed
 * milestone:  Tor: 0.3.3.x-final => Tor: 0.2.9.x-final
 * resolution:   => fixed

Old description:

New description:

 {{{
 TROVE-2017-010: Remote DoS attack against directory authorities

 SEVERITY: Medium

 ALSO TRACKED AS: CVE-2017-8820

 SUMMARY:
   If an attacker uploads a malformed descriptor to a directory
   authority, lacking a protocol line and not claiming any particular
   Tor compatibility, the authority will crash when it tries to vote.

 THE PROBLEM:
   An attacker who sends a malformatted descriptor to a directory
   authority can make that directory authority crash by reading a
   null pointer.

   The problematic code was introduced in 0.2.9.4-alpha, with the
   rest of the subprotocols system.

 FIX:
   All directory authorities should upgrade to one of the releases
   with a fix for this issue: 0.2.9.14, 0.3.0.13, 0.3.1.9, or
   0.3.2.6-alpha.
 }}}

--

Comment:

 This issue is fixed in today's security releases.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24245#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online