CVE-2021-34548 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Denial of service |
| Description | A security issue has been found in Tor before version 0.4.5.9. Relays could spoof RELAY_END or RELAY_RESOLVED cell on half-closed streams because clients failed to validate which hop sent these cells. This would allow a relay on a circuit to end a stream that wasn't actually built with it. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-2075 | tor | 0.4.5.8-2 | 0.4.5.9-1 | Medium | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 22 Jun 2021 | ASA-202106-50 | AVG-2075 | tor | Medium | denial of service |
| References |
|---|
https://blog.torproject.org/node/2041 https://gitlab.torproject.org/tpo/core/tor/-/issues/40389 https://gitlab.torproject.org/tpo/core/tor/-/commit/adb248b6d6e0779719e6b873ee12a1e22fa390f4 |