Changes between Initial Version and Version 1 of Ticket #24246

Dec 1, 2017, 2:01:00 PM (3 years ago)

Fixed in today's security releases.


  • Ticket #24246

    • Property Status changed from assigned to closed
    • Property Resolution changed from to fixed
    • Property Summary changed from Fix TROVE-2017-011 to Fix TROVE-2017-011: An attacker can make tor ask for a password
  • Ticket #24246 – Description

    initial v1  
     2TROVE-2017-011: An attacker can make Tor ask for a password
     4SEVERITY: High
     6ALSO TRACKED AS: OSS-Fuzz testcase 6360145429790720, CVE-2017-8821
     8CREDIT: This was found by OSS-Fuzz.
     12  All over our code, we accept parse RSA public keys in the "PEM"
     13  format, such as:
     15  -----BEGIN RSA PUBLIC KEY-----
     16  SXQncyBjb29sIHRoYXQgeW91IHdlcmUgY29uY2VybmVkIGVub3VnaCB0byBjaGVj
     17  aywgYnV0IHRoZXJlIGlzIGluIGZhY3Qgbm8gc2VjcmV0IGluZm9ybWF0aW9uIGhl
     18  cmUuICBUaGlzIHNwYWNlIGludGVudGlvbmFsbHkgbGVmdCBibGFuay4=\n
     19  -----END RSA PUBLIC KEY-----
     21  But if you pass OpenSSL a public key that's suitably constructed, it
     22  will ask for a password.  This applies to public keys as well as
     23  private keys!
     25  If this "key" is used in a microdescriptor, an onion service
     26  descriptor, a relay or bridge descriptor, or anywhere, then OpenSSL
     27  will pause, and ask for a passphrase.  This blocks Tor, causing a
     28  denial of service attack. If it causes an onion service or busy client
     29  to block, this could aid in traffic analysis.
     31  Tors that are running as a daemon (without a terminal) or inside
     32  another process may not be vulnerable -- it depends on OpenSSL's
     33  behavior when it tries to ask for a password.
     37  Everyone affected should upgrade to one of the releases with the fix
     38  for this issue:,,,,, or