wiki:TROVE

TROVE: Tor Registry Of Vulnerabilities and Exposures

This page is an experimental registry of Tor software security problems, as we find them. We assign each one a number based on the year, the month, and an index.

For more information on the security policy we're using here, see the network team Security Policy page.

TROVE ID Ticket Severity Bug In Fix In Synopsis CVE Id extra
TROVE-2016-10-001 #20384 , #20894 Medium 0.2.0.16-alpha 0.2.4,28, 0.2.5.13, 0.2.6.11 0.2.7.7, 0.2.8.9, 0.2.9.4-alpha buf_t buffer read beyond end CVE-2016-8860 (Debian: tracker DSA-3694 DLA-663-1)
TROVE-2016-12-002 #21018 Medium 0.2.0.8-alpha 0.2.4.28, 0.2.5.13, 0.2.6.11, 0.2.7.7, 0.2.8.12, 0.2.9.8 0.3.0.1-alpha parse HS descs one byte past end CVE-2016-1254 (Debian: tracker DSA-3741 DLA-754-1)
TROVE-2017-001 #21278 Medium 0.0.8pre1 0.2.4.28, 0.2.5.13, 0.2.6.11, 0.2.7.7, 0.2.8.13, 0.2.9.10, 0.3.0.4-rc, Signed integer overflow when comparing versions
TROVE-2017-002 #22253, #22246 Medium 0.3.0.1-alpha 0.3.0.7, 0.3.1.1-alpha Remotely triggerable assertion failure in relays
TROVE-2017-003 #22268 Low 0.2.8.1-alpha 0.2.8.14, 0.2.9.11, 0.3.0.8, 0.3.1.3-alpha Impersonation of a single a few fallback directory mirrors initial post
TROVE-2017-004 #22493 High 0.3.0.1-alpha 0.3.0.8, 0.3.1.3-alpha Remote assertion failure against hidden services CVE-2017-0375 (Debian: tracker)
TROVE-2017-005 #22494 High 0.2.2.1-alpha 0.2.4.29, 0.2.5.14, 0.2.6.12, 0.2.7.8, 0.2.8.14, 0.2.9.11 0.3.0.8, 0.3.1.3-alpha Remote assertion failure against hidden services CVE-2017-0376 (Debian: tracker, #864424 DSA-3877 DLA-982-1))
TROVE-2017-006 #22753 Medium 0.3.0.1-alpha 0.3.0.9, 0.3.1.4-alpha Path selection issue CVE-2017-0377 (Debian: tracker )
TROVE-2017-007 #22789 Medium 0.2.3.8-alpha 0.3.0.10, 0.3.1.5-alpha, 0.2.5.15, 0.2.8.15, 0.2.9.12 Remote assertion failure on openbsd
TROVE-2017-008 #23490 Medium 0.2.7.2-alpha 0.2.8.15, 0.2.9.12, 0.3.0.11, 0.3.1.7 Stack disclosure in hidden services logs when SafeLogging disabled CVE-2017-0380 (Debian: tracker, #876221)
TROVE-2017-009 #24244 Medium 0.2.4 and later 0.2.5.16, 0.2.8.17, 0.2.9.14, 0.3.0.13, 0.3.1.9, 0.3.2.6-alpha Replay-cache ineffective for v2 onion services. CVE-2017-8819 (Debian: tracker, DSA-4054 )
TROVE-2017-010 #24245 Medium 0.2.9 and later 0.2.9.14, 0.3.0.13, 0.3.1.9, 0.3.2.6-alpha Remote DoS attack against directory authorities CVE-2017-8820 (Debian: tracker, DSA-4054 )
TROVE-2017-011 #24246 High all Tor versions 0.2.5.16, 0.2.8.17, 0.2.9.14, 0.3.0.13, 0.3.1.9, 0.3.2.6-alpha An attacker can make Tor ask for a password CVE-2017-8821 (Debian: tracker, DSA-4054 )
TROVE-2017-012 #24333 Medium 0.2.5 and later 0.2.5.16, 0.2.8.17, 0.2.9.14, 0.3.0.13, 0.3.1.9, 0.3.2.6-alpha Relays can pick themselves in a circuit path CVE-2017-8822 (Debian: tracker, DSA-4054 )
TROVE-2017-013 #24430 High 0.2.7 and later 0.2.8.17, 0.2.9.14, 0.3.0.13, 0.3.1.9, 0.3.2.6-alpha Use-after-free in onion service v2 CVE-2017-8823 (Debian: tracker, DSA-4054 )

Remember: please get CVE-Ids for everything of severity Medium or higher. To get a CVE-Id, email weasel with a short description of the issue.

Last modified 5 days ago Last modified on Dec 11, 2017, 1:23:00 PM