AVG-539 log

Package tor
Status Fixed
Severity High
Type multiple issues
Current [extra]
Ticket None
Created Tue Dec 5 20:07:11 2017
Issue Severity Remote Type Description
CVE-2017-8823 High Yes Arbitrary code execution
A use-after-free vulnerability has been found in Tor before, leading to a crash of v2 Tor onion services when they failed to open circuits while...
CVE-2017-8822 High Yes Information disclosure
In Tor before, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity,...
CVE-2017-8820 Medium Yes Denial of service
A denial of service issue where an attacker could crash a directory authority using a malformed router descriptor has been found in Tor before
CVE-2017-8819 Medium Yes Information disclosure
An issue has been found in the way Tor before checked for replays, leading to a possible traffic confirmation attack.
Date Advisory Package Type
16 Dec 2017 ASA-201712-10 tor multiple issues