{"id":"MGASA-2017-0444","summary":"Updated tor packages fix security vulnerability","details":"When checking for replays in the INTRODUCE1 cell data for a (legacy) onion\nservice, Tor didn't correctly detect replays in the RSA- encrypted part of\nthe cell. It was previously checking for replays on the entire cell, but\nthose can be circumvented due to the malleability of Tor's legacy hybrid\nencryption. This can lead to a traffic confirmation attack (CVE-2017-8819).\n\nDenial of service issue where an attacker could crash a directory authority\nusing a malformed router descriptor (CVE-2017-8820).\n\nDenial of service bug where an attacker could use a malformed directory\nobject to cause a Tor instance to pause while OpenSSL would try to read a\npassphrase from the terminal (CVE-2017-8821).\n\nWhen running as a relay, Tor could build a path through itself, especially\nwhen it lost the version of its descriptor appearing in the consensus. When\nrunning as a relay, it could also choose itself as a guard (CVE-2017-8822).\n\nUse-after-free error that could crash v2 Tor onion services when they failed\nto open circuits while expiring introduction points (CVE-2017-8823).\n","modified":"2026-01-30T18:37:46.120141Z","published":"2017-12-07T20:54:25Z","related":["CVE-2017-8819","CVE-2017-8820","CVE-2017-8821","CVE-2017-8822","CVE-2017-8823"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0444.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22108"},{"type":"REPORT","url":"https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"}],"affected":[{"package":{"name":"tor","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/tor?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.2.8.17-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0444.json"}},{"package":{"name":"tor","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/tor?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.2.9.14-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0444.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}