CVE-2021-34549
https://notcve.org/view.php?id=CVE-2021-34549
An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for certain retrieval of circuit data. Consequently. an attacker can trigger the use of an attacker-chosen circuit ID to cause algorithm inefficiency. Se ha detectado un problema en Tor versiones anteriores a 0.4.6.5, también se conoce como TROVE-2021-005. Un hashing es manejado inapropiadamente para determinadas recuperaciones de datos del circuito. • https://blog.torproject.org/node/2041 https://gitlab.torproject.org/tpo/core/tor/-/issues/40391 https://security.gentoo.org/glsa/202107-25 • CWE-400: Uncontrolled Resource Consumption •
CVE-2021-34548 – Tor Half-Closed Connection Stream Confusion
https://notcve.org/view.php?id=CVE-2021-34548
An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAY_END or RELAY_RESOLVED to bypass the intended access control for ending a stream. Se ha detectado un problema en Tor versiones anteriores a 0.4.6.5, también se conoce como TROVE-2021-003. Un atacante puede falsificar las funciones RELAY_END o RELAY_RESOLVED para omitir el control de acceso previsto para terminar un flujo Tor suffers from an issue where half-closed connection tracking ignores layer_hint and due to this, entry/middle relays can spoof RELAY_END cells on half-closed streams, which can lead to stream confusion between OP and exit. • http://packetstormsecurity.com/files/163510/Tor-Half-Closed-Connection-Stream-Confusion.html https://blog.torproject.org/node/2041 https://gitlab.torproject.org/tpo/core/tor/-/issues/40389 https://security.gentoo.org/glsa/202107-25 • CWE-290: Authentication Bypass by Spoofing •
CVE-2021-34550
https://notcve.org/view.php?id=CVE-2021-34550
An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-006. The v3 onion service descriptor parsing allows out-of-bounds memory access, and a client crash, via a crafted onion service descriptor Se ha detectado un problema en Tor versiones anteriores a 0.4.6.5, también se conoce como TROVE-2021-006. El análisis del descriptor del servicio de v3 onion, permite un acceso a la memoria fuera de límites, y un bloqueo del cliente, por medio de un descriptor de servicio onion diseñado • https://blog.torproject.org/node/2041 https://gitlab.torproject.org/tpo/core/tor/-/issues/40392 https://security.gentoo.org/glsa/202107-25 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2021-28090
https://notcve.org/view.php?id=CVE-2021-28090
Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002. Tor versiones anteriores a 0.4.5.7, permite a un atacante remoto causar que autoridades del directorio de Tor salgan con un fallo de aserción, también se conoce como TROVE-2021-002 • https://blog.torproject.org/node/2009 https://bugs.torproject.org/tpo/core/tor/40316 https://gitlab.torproject.org/tpo/core/tor/-/issues/40316 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPDXB2GZHG3VNOTWSXQ3QZVHNV76WCU5 https://security.gentoo.org/glsa/202107-25 • CWE-617: Reachable Assertion •
CVE-2021-28089
https://notcve.org/view.php?id=CVE-2021-28089
Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001. Tor versiones anteriores a 0.4.5.7, permite a un participante remoto en el protocolo de directorio de Tor agotar los recursos de la CPU en un objetivo, también se conoce como TROVE-2021-001 • https://blog.torproject.org/node/2009 https://gitlab.torproject.org/tpo/core/tor/-/issues/40304 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPDXB2GZHG3VNOTWSXQ3QZVHNV76WCU5 https://security.gentoo.org/glsa/202107-25 • CWE-400: Uncontrolled Resource Consumption •