{"id":"UBUNTU-CVE-2014-5117","details":"Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAY_EARLY cells as a means of communicating information about hidden service names.","modified":"2025-09-08T16:43:12Z","published":"2014-07-30T16:55:00Z","upstream":["CVE-2014-5117"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2014-5117"},{"type":"REPORT","url":"https://trac.torproject.org/projects/tor/ticket/1038"},{"type":"REPORT","url":"https://lists.torproject.org/pipermail/tor-talk/2014-July/034180.html"},{"type":"REPORT","url":"https://lists.torproject.org/pipermail/tor-announce/2014-July/000094.html"},{"type":"REPORT","url":"https://lists.torproject.org/pipermail/tor-announce/2014-July/000093.html"},{"type":"REPORT","url":"https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2014-5117"}],"affected":[{"package":{"name":"tor","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/tor@0.2.4.27-1build0.14.04.1?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.2.4.27-1build0.14.04.1"}]}],"versions":["0.2.3.25-1","0.2.4.19-1","0.2.4.20-1"],"ecosystem_specific":{"binaries":[{"binary_version":"0.2.4.27-1build0.14.04.1","binary_name":"tor"},{"binary_version":"0.2.4.27-1build0.14.04.1","binary_name":"tor-geoipdb"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-5117.json"}}],"schema_version":"1.7.3","severity":[{"type":"Ubuntu","score":"medium"}]}