Buffer overflow in Tor

#VU34151 Buffer overflow in Tor

Published: 2020-07-15 | Updated: 2020-08-08

Vulnerability identifier: #VU34151

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-15572

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Tor
Client/Desktop applications / Web browsers

Vendor: tor.eff.org

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

Tor before 0.4.3.6 has an out-of-bounds memory access that allows a remote denial-of-service (crash) attack against Tor instances built to use Mozilla Network Security Services (NSS), aka TROVE-2020-001.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Tor: 0.4.4.0 - 0.4.4.1

External links
http://blog.torproject.org/new-release-tor-03511-0428-0436-security-fixes
http://gitlab.torproject.org/tpo/core/tor/-/issues/33119
http://trac.torproject.org/projects/tor/wiki/TROVE

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Buffer overflow in tor.eff Tor