CVE-2021-34549 log

Severity Medium
Remote Yes
Type Denial of service
A security issue has been found in Tor before version that could be exploited for a hashtable-based CPU denial-of-service attack against relays. Previously a naive unkeyed hash function to look up circuits in a circuitmux object was used. An attacker could exploit this to construct circuits with chosen circuit IDs, to create collisions and make the hash table inefficient. Now a SipHash construction is used instead.
Group Package Affected Fixed Severity Status Ticket
AVG-2075 tor Medium Fixed
Date Advisory Group Package Severity Type
22 Jun 2021 ASA-202106-50 AVG-2075 tor Medium denial of service