[tor-bugs] #25117 [Core Tor/Tor]: Resolve TROVE-2018-002: bug 24700 KIST use-after-free can be remotely triggered (was: Resolve TROVE-2018-002)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Mar 3 16:23:59 UTC 2018
#25117: Resolve TROVE-2018-002: bug 24700 KIST use-after-free can be remotely
triggered
--------------------------+------------------------------------
Reporter: nickm | Owner: nickm
Type: defect | Status: closed
Priority: High | Milestone: Tor: 0.3.3.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution: fixed
Keywords: 033-must | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------------------
Changes (by nickm):
* status: assigned => closed
* resolution: => fixed
Old description:
New description:
The use-after free KIST bug that we fixed as #24700 can, it turns out, be
triggered remotely, causing relays to crash.
This bug only affects relays and bridges, and only if they are running
0.3.2.1-alpha through 0.3.2.9, or 0.3.3.1-alpha. It is fixed in 0.3.2.10
and 0.3.3.2-alpha.
Tracked as TROVE-2018-002 and CVE-2018-0491.
--
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25117#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list