[tor-bugs] #15463 [Tor]: TOR CPU load 100%. Hidden service unavailable. Maybe zero-day vulnerability circuit storm.

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Mar 26 03:11:20 UTC 2015


#15463: TOR CPU load 100%. Hidden service unavailable. Maybe zero-day vulnerability
circuit storm.
---------------------+---------------------
 Reporter:  alberto  |          Owner:
     Type:  defect   |         Status:  new
 Priority:  major    |      Milestone:
Component:  Tor      |        Version:
 Keywords:           |  Actual Points:
Parent ID:           |         Points:
---------------------+---------------------
 After start tor- in few minutes CPU load 100% and hidden service
 unavailable.
 If disable concrete hidden service and restart tor- all normal.
 Problem very same as
 https://lists.torproject.org/pipermail/tor-talk/2014-December/035807.html

 In log many same records:

 Mar 26 10:57:48.000 [notice] Tried for 120 seconds to get a connection to
 [scrubbed]:8333. Giving up.
 Mar 26 10:58:26.000 [notice] We tried for 15 seconds to connect to
 '[scrubbed]' using exit
 $3EAAAB35932610411E24FA4317603CB5780B80BC~AccessNow002 at 176.10.99.201.
 Retrying on a new circuit.
 Mar 26 10:58:42.000 [notice] We tried for 15 seconds to connect to
 '[scrubbed]' using exit $379FB450010D17078B3766C2273303C358C3A442~aurora
 at 176.126.252.12. Retrying on a new circuit.
 Mar 26 10:59:04.000 [notice] Closing stream for '[scrubbed].onion': hidden
 service is unavailable (try again later).
 Mar 26 11:01:21.000 [notice] Tried for 130 seconds to get a connection to
 [scrubbed]:8333. Giving up.
 Mar 26 11:02:05.000 [notice] Tried for 123 seconds to get a connection to
 [scrubbed]:0. Giving up. (waiting for circuit)
 Mar 26 11:02:05.000 [notice] Tried for 123 seconds to get a connection to
 [scrubbed]:0. Giving up. (waiting for circuit)
 Mar 26 11:02:05.000 [notice] Tried for 121 seconds to get a connection to
 [scrubbed]:0. Giving up. (waiting for circuit)
 Mar 26 11:02:05.000 [notice] Tried for 129 seconds to get a connection to
 [scrubbed]:0. Giving up. (waiting for circuit)
 Mar 26 11:02:05.000 [notice] Tried for 124 seconds to get a connection to
 [scrubbed]:0. Giving up. (waiting for circuit)
 Mar 26 11:02:18.000 [notice] Tried for 131 seconds to get a connection to
 [scrubbed]:0. Giving up. (waiting for circuit)

 Or
 Mar 26 11:02:51.000 [notice] Your Guard torpidsUKuk2
 ($C9933B3725239B6FAB5227BA33B30BE7B48BB485) is failing more circuits than
 usual. Most likely this means the Tor network is overloaded. Success
 counts are 116/171. Use counts are 48/49. 117 circuits completed, 1 were
 unusable, 0 collapsed, and 126 timed out. For reference, your timeout
 cutoff is 87 seconds.

 Absolutely same situation as
 https://lists.torproject.org/pipermail/tor-talk/2014-December/035833.html
 -----
 use little bandwidth,
 and seem to involve each request having a new rendezvous for each
 attempt, using lots of resources
 -----

 Problem exist at all versions(0.2.5, 0.2.6, master from git)

 At current time few hidden services in TOR network DDOSed by this method.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15463>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list