tor 0.2.7.6-1ubuntu1 has memory-access severe bug TROVE-2016-10-001
Bug #1662548 reported by
Chad Miller
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Tor |
Unknown
|
Unknown
|
|||
tor (Ubuntu) |
Fix Released
|
Critical
|
Chad Miller | ||
Trusty |
Won't Fix
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
Undecided
|
Unassigned | ||
Yakkety |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
A buffer overrun can crash Tor 0.2.4.27 (trusty), 0.2.7.6 (xenial), 0.2.8.8 (yakkety) causing d-o-s.
Tor treats "the contents of a buffer chunk as if they were a NUL-terminated string. At least one such bug seems to be present in all currently used versions of Tor, and would allow an attacker to remotely crash most Tor instances, especially those compiled with extra compiler hardening."
affects: | vidalia → tor |
Changed in tor (Ubuntu): | |
status: | Confirmed → Fix Released |
Changed in tor (Ubuntu Trusty): | |
status: | Confirmed → Won't Fix |
Changed in tor (Ubuntu Yakkety): | |
status: | Confirmed → Won't Fix |
To post a comment you must log in.
This is TROVE-2016-10-001 .