Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:31008
HistoryJun 19, 2021 - 8:48 p.m.

Denial Of Service (DoS)

2021-06-1920:48:46
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13

0.002 Low

EPSS

Percentile

62.2%

tor is vulnerable to denial of service. An attacker is able to cause an application crash through a hashtable-based CPU denial-of-service attack against relays. Previously a naive unkeyed hash function to look up circuits in a circuitmux object was used. An attacker could exploit this to construct circuits with chosen circuit IDs, to create collisions and make the hash table inefficient. Now a SipHash construction is used instead.