Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2018-0491Use After Free in TOR

CWE-416Use After Free8 documents7 sources
Severity
7.5HIGHNVD
EPSS
8.0%
top 7.87%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Torproject TOR
Timeline
PublishedMar 5
Latest updateMay 14

Description

A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows remote attackers to cause a denial of service (relay crash) because the KIST implementation allows a channel to be added more than once in the pending list.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

NVDtorproject/tor0.3.2.00.3.2.10
Debiantorproject/tor< 0.3.2.10-1+3
CVEListV5torproject/torTor

Patches

Patch: trac.torproject.orgPatch: trac.torproject.org

🔴Vulnerability Details

3
GHSA
GHSA-8wr4-7fjq-4qxw: A use-after-free issue was discovered in Tor 02022-05-14
OSV
CVE-2018-0491: A use-after-free issue was discovered in Tor 02018-03-05
CVEList
CVE-2018-0491: A use-after-free issue was discovered in Tor 02018-03-05

💥Exploits & PoCs

1
Exploit-DB
Tor Browser < 0.3.2.10 - Use After Free (PoC)2018-07-09

📋Vendor Advisories

1
Debian
CVE-2018-0491: tor - A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows ...2018

💬Community

2
Bugzilla
CVE-2018-0491 tor: use-after-free in KIST implementation2018-03-08
Bugzilla
CVE-2018-0490 CVE-2018-0491 tor: various flaws [epel-6]2018-03-08
CVE-2018-0491 — Use After Free in Torproject TOR | cvebase