6 matches found
openSUSE Security Update : tor (openSUSE-2020-1970)
This update for tor fixes the following issues : Updating tor to a newer version in the respective codestream. - tor 0.3.5.12 : - Check channels+circuits on relays more thoroughly TROVE-2020-005, boo1178741 - Not affected by out-of-bound memory access CVE-2020-15572, boo1173979 - Fix DoS defenses...
openSUSE Security Update : tor (openSUSE-2020-406)
This update for tor to version 0.3.5.10 fixes the following issues : - tor was updated to version 0.3.5.10 : - CVE-2020-10592: Fixed a CPU consumption denial of service and timing patterns boo1167013 - CVE-2020-10593: Fixed a circuit padding memory leak boo1167014 C Tenable Network Security, Inc...
GLSA-202003-50 : Tor: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202003-50 Tor: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Tor, and tor. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly cause a Denial of...
CVE-2020-10593
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service memory leak, aka TROVE-2020-004. This occurs in circpadsetupmachineoncirc because a circuit-padding machine can be negotiated twice on the same circuit...
CVE-2020-10593
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service memory leak, aka TROVE-2020-004. This occurs in circpadsetupmachineoncirc because a circuit-padding machine can be negotiated twice on the same circuit...
CVE-2020-10593
CVE-2020-10593 affects Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7. Root cause: a circuit-padding machine can be negotiated twice on the same circuit (circpad_setup_machine_on_circ), causing a memory leak that leads to DoS. Exploitation details are not provided beyond th...