tor 0.2.7.6-1ubuntu1 has memory-access severe bug TROVE-2016-10-001
Bug #1662548 reported by
Chad Miller
This bug affects 2 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Tor |
Unknown
|
Unknown
|
|||
| tor (Ubuntu) |
Fix Released
|
Critical
|
Chad Miller | ||
| Trusty |
Won't Fix
|
Undecided
|
Unassigned | ||
| Xenial |
Fix Released
|
Undecided
|
Unassigned | ||
| Yakkety |
Won't Fix
|
Undecided
|
Unassigned | ||
Bug Description
A buffer overrun can crash Tor 0.2.4.27 (trusty), 0.2.7.6 (xenial), 0.2.8.8 (yakkety) causing d-o-s.
Tor treats "the contents of a buffer chunk as if they were a NUL-terminated string. At least one such bug seems to be present in all currently used versions of Tor, and would allow an attacker to remotely crash most Tor instances, especially those compiled with extra compiler hardening."
Revision history for this message
| Chad Miller (cmiller) wrote | #1 |
| Changed in tor (Ubuntu): | |
| assignee: | nobody → Chad Miller (cmiller) |
| status: | New → Confirmed |
| importance: | Undecided → Critical |
| milestone: | none → trusty-updates |
| milestone: | trusty-updates → none |
| affects: | vidalia → tor |
Revision history for this message
| Robie Basak (racb) wrote | #2 |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #3 |
| Changed in tor (Ubuntu Trusty): | |
| status: | New → Confirmed |
| Changed in tor (Ubuntu Xenial): | |
| status: | New → Confirmed |
| Changed in tor (Ubuntu Yakkety): | |
| status: | New → Confirmed |
Revision history for this message
| Otus (jan-varho) wrote | #6 |
Revision history for this message
| Simon Déziel (sdeziel) wrote | #7 |
| Changed in tor (Ubuntu Xenial): | |
| status: | Confirmed → Fix Released |
| Changed in tor (Ubuntu): | |
| status: | Confirmed → Fix Released |
| Changed in tor (Ubuntu Trusty): | |
| status: | Confirmed → Won't Fix |
| Changed in tor (Ubuntu Yakkety): | |
| status: | Confirmed → Won't Fix |
To post a comment you must log in.
This is TROVE-2016-10-001 .