---

CVE-2021-34549 - log back

CVE-2021-34549 edited at 21 Jun 2021 09:12:08
Severity	- Low + Medium

CVE-2021-34549 edited at 16 Jun 2021 10:55:35
Description	- A security issue has been found in Tor before version 0.4.6.5 that could be exploited for a hashtable-based CPU denial-of-service attack against relays. Previously a naive unkeyed hash function to look up circuits in a circuitmux object was used. An attacker could exploit this to construct circuits with chosen circuit IDs, to create collisions and make the hash table inefficient. Now a SipHash construction is used instead. + A security issue has been found in Tor before version 0.4.5.9 that could be exploited for a hashtable-based CPU denial-of-service attack against relays. Previously a naive unkeyed hash function to look up circuits in a circuitmux object was used. An attacker could exploit this to construct circuits with chosen circuit IDs, to create collisions and make the hash table inefficient. Now a SipHash construction is used instead.
References	https://blog.torproject.org/node/2041 https://gitlab.torproject.org/tpo/core/tor/-/issues/40391 https://gitlab.torproject.org/tpo/core/tor/-/commit/4c06c619faceb5d158a725d97fda45cadb2cf9c9
Notes

CVE-2021-34549 edited at 16 Jun 2021 10:40:53
Severity	- Unknown + Low
Remote	- Unknown + Remote
Type	- Unknown + Denial of service
Description	+ A security issue has been found in Tor before version 0.4.6.5 that could be exploited for a hashtable-based CPU denial-of-service attack against relays. Previously a naive unkeyed hash function to look up circuits in a circuitmux object was used. An attacker could exploit this to construct circuits with chosen circuit IDs, to create collisions and make the hash table inefficient. Now a SipHash construction is used instead.
References	+ https://blog.torproject.org/node/2041 + https://gitlab.torproject.org/tpo/core/tor/-/issues/40391 + https://gitlab.torproject.org/tpo/core/tor/-/commit/4c06c619faceb5d158a725d97fda45cadb2cf9c9

CVE-2021-34549 created at 16 Jun 2021 10:33:05