CVE-2017-0376

Source
Severity Medium
Remote Yes
Type Denial of service
Description
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_cell function via a BEGIN_DIR cell on a rendezvous circuit.
Group Package Affected Fixed Severity Status Ticket
AVG-296 tor 0.3.0.7-1 0.3.0.8-1 Medium Fixed FS#54439
Date Advisory Group Package Severity Description
13 Jun 2017 ASA-201706-13 AVG-296 tor Medium denial of service
References
https://trac.torproject.org/projects/tor/ticket/22494
https://github.com/torproject/tor/commit/56a7c5bc15e0447203a491c1ee37de9939ad1dcd
Notes
introduced in 0.2.2.1-alpha