CVE-2021-28089 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Low
Remote	Yes
Type	Denial of service
Description	A security issue was found in Tor before versions 0.4.5.7, 0.4.4.8 and 0.3.5.14. The dump_desc() function was called incorrectly in several places in a way that could lead to excessive CPU usage.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1699	tor	0.4.5.6-1	0.4.5.7-1	Low	Fixed

References
https://blog.torproject.org/node/2009 https://gitlab.torproject.org/tpo/core/tor/-/issues/40286 https://gitlab.torproject.org/tpo/core/tor/-/commit/ede88c374cd61e1e362422718625707a770cffff