Red Hat Bugzilla – Bug 880310
CVE-2012-5573 tor: denial of service when handling SENDME cells
Last modified: 2013-04-03 14:19:45 EDT
It was reported , that Tor suffered from a denial of service vulnerability due to an error when handling SENDME cells. This could be exploited to cause excessive consumption of memory resources within an entry node.
This is fixed in upstream version 0.2.3.25 (git ).
Created tor tracking bugs for this issue
Affects: fedora-all [bug 880313]
Affects: epel-5 [bug 880314]
This was assigned CVE-2012-5573:
tor-0.2.3.25-1802.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
tor-0.2.3.25-1702.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.