CVE-2021-34550 - log back

CVE-2021-34550 edited at 16 Jun 2021 10:55:55
Description
- A security issue has been found in Tor before version 0.4.6.5. An out-of-bounds memory access in the v3 onion service descriptor parsing could be exploited by crafting an onion service descriptor that would crash any client that tried to visit it.
+ A security issue has been found in Tor before version 0.4.5.9. An out-of-bounds memory access in the v3 onion service descriptor parsing could be exploited by crafting an onion service descriptor that would crash any client that tried to visit it.
References
https://blog.torproject.org/node/2041
https://gitlab.torproject.org/tpo/core/tor/-/issues/40392
https://gitlab.torproject.org/tpo/core/tor/-/commit/f57b5c48e0aa01acd84a194fe4657a0d1cee04cf
Notes
CVE-2021-34550 edited at 16 Jun 2021 10:42:09
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ A security issue has been found in Tor before version 0.4.6.5. An out-of-bounds memory access in the v3 onion service descriptor parsing could be exploited by crafting an onion service descriptor that would crash any client that tried to visit it.
References
+ https://blog.torproject.org/node/2041
+ https://gitlab.torproject.org/tpo/core/tor/-/issues/40392
+ https://gitlab.torproject.org/tpo/core/tor/-/commit/f57b5c48e0aa01acd84a194fe4657a0d1cee04cf
CVE-2021-34550 created at 16 Jun 2021 10:33:05