Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. Upstream issue: https://trac.torproject.org/projects/tor/ticket/24052 References: https://blog.torproject.org/tor-browser-709-released https://www.bleepingcomputer.com/news/security/tormoil-vulnerability-leaks-real-ip-address-from-tor-browser-users/ https://www.wearesegment.com/research/tormoil-torbrowser-unspecified-critical-security-vulnerability/
Created tor tracking bugs for this issue: Affects: epel-all [bug 1510817] Affects: fedora-all [bug 1510818]
This was found to be a bug in Firefox ESR, fixed in 60.2: Browser proxy settings can be bypassed by using the automount feature with autofs to create a mount point on the local file system. Content can be loaded from this mounted file system directly using a `file:` URI, bypassing configured proxy settings. *Note: this issue only affects OS X in default configurations. On Linux systems, autofs must be installed for the vulnerability to occur and Windows is not affected.* External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2017-16541
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:2692 https://access.redhat.com/errata/RHSA-2018:2692
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:2693 https://access.redhat.com/errata/RHSA-2018:2693
Statement: This flaw cannot be exploited through email in Thunderbird as scripting is disabled in this for email content. It may be possible to exploit through Feeds (Atom or RSS) or other browser-like contexts.
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:3403 https://access.redhat.com/errata/RHSA-2018:3403
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:3458 https://access.redhat.com/errata/RHSA-2018:3458