CVE-2012-5573 — TOR vulnerability

CWE-3998 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

1.0%

top 22.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Torproject TOR

Timeline

PublishedJan 1

Latest updateMay 17

Description

The connection_edge_process_relay_cell function in or/relay.c in Tor before 0.2.3.25 maintains circuits even if an unexpected SENDME cell arrives, which might allow remote attackers to cause a denial of service (memory consumption or excessive cell reception rate) or bypass intended flow-control restrictions via a RELAY_COMMAND_SENDME command.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶Debiantorproject/tor< 0.2.3.25-1+3

▶NVDtorproject/tor0.2.3.24+83

Patches

Patch: gitweb.torproject.org ↗Patch: gitweb.torproject.org ↗

🔴Vulnerability Details

GHSA

GHSA-xvc4-r5fw-47j4: The connection_edge_process_relay_cell function in or/relay↗2022-05-17

▶

OSV

CVE-2012-5573: The connection_edge_process_relay_cell function in or/relay↗2013-01-01

▶

CVEList

CVE-2012-5573: The connection_edge_process_relay_cell function in or/relay↗2013-01-01

▶

📋Vendor Advisories

Debian

CVE-2012-5573: tor - The connection_edge_process_relay_cell function in or/relay.c in Tor before 0.2....↗2012

▶

💬Community

Bugzilla

CVE-2012-5573 tor: denial of service when handling SENDME cells [epel-5]↗2012-11-26

▶

Bugzilla

CVE-2012-5573 tor: denial of service when handling SENDME cells↗2012-11-26

▶

Bugzilla

CVE-2012-5573 tor: denial of service when handling SENDME cells [fedora-all]↗2012-11-26

▶