TROVE: Tor Registry Of Vulnerabilities and Exposures

This page is an experimental registry of Tor software security problems, as we find them. We assign each one a number based on the year, the month, and an index.

For more information on the security policy we're using here, see the network team Security Policy page.

TROVE ID Ticket Severity Bug In Fix In Synopsis CVE Id extra
TROVE-2016-10-001 #20384 , #20894 Medium 0.2.4,28,,,, buf_t buffer read beyond end CVE-2016-8860 (Debian: tracker DSA-3694 DLA-663-1)
TROVE-2016-12-002 #21018 Medium,,,,, parse HS descs one byte past end CVE-2016-1254 (Debian: tracker DSA-3741 DLA-754-1)
TROVE-2017-001 #21278 Medium 0.0.8pre1,,,,,,, Signed integer overflow when comparing versions
TROVE-2017-002 #22253, #22246 Medium, Remotely triggerable assertion failure in relays
TROVE-2017-003 #22268 Low,,, Impersonation of a single a few fallback directory mirrors initial post
TROVE-2017-004 #22493 High, Remote assertion failure against hidden services CVE-2017-0375 (Debian: tracker)
TROVE-2017-005 #22494 High,,,,,, Remote assertion failure against hidden services CVE-2017-0376 (Debian: tracker, #864424 DSA-3877 DLA-982-1))
TROVE-2017-006 #22753 Medium, Path selection issue CVE-2017-0377 (Debian: tracker )
TROVE-2017-007 #22789 Medium,,,, Remote assertion failure on openbsd
TROVE-2017-008 #23490 Medium,,, Stack disclosure in hidden services logs when SafeLogging disabled CVE-2017-0380 (Debian: tracker, #876221)
TROVE-2017-009 #24244 Medium 0.2.4 and later,,,,, Replay-cache ineffective for v2 onion services. CVE-2017-8819 (Debian: tracker, DSA-4054 )
TROVE-2017-010 #24245 Medium 0.2.9 and later,,, Remote DoS attack against directory authorities CVE-2017-8820 (Debian: tracker, DSA-4054 )
TROVE-2017-011 #24246 High all Tor versions,,,,, An attacker can make Tor ask for a password CVE-2017-8821 (Debian: tracker, DSA-4054 )
TROVE-2017-012 #24333 Medium 0.2.5 and later,,,,, Relays can pick themselves in a circuit path CVE-2017-8822 (Debian: tracker, DSA-4054 )
TROVE-2017-013 #24430 High 0.2.7 and later,,,, Use-after-free in onion service v2 CVE-2017-8823 (Debian: tracker, DSA-4054 )

Remember: please get CVE-Ids for everything of severity Medium or higher. To get a CVE-Id, email weasel with a short description of the issue.

Last modified 5 days ago Last modified on Dec 11, 2017, 1:23:00 PM