FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

tor -- Use-after-free in onion service v2

Affected packages
		tor	<	0.3.1.9

Details

VuXML ID	36ef8753-d86f-11e7-ad28-0025908740c2
Discovery	2017-12-01
Entry	2017-12-14

The Torproject.org reports:

TROVE-2017-009: Replay-cache ineffective for v2 onion services

TROVE-2017-010: Remote DoS attack against directory authorities

TROVE-2017-011: An attacker can make Tor ask for a password

TROVE-2017-012: Relays can pick themselves in a circuit path

TROVE-2017-013: Use-after-free in onion service v2

[source]

References

CVE Name	CVE-2017-8819
URL	https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516