Описание
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TROVE-2017-013.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 0.3.0.13-0ubuntu1~17.10.2 |
| bionic | not-affected | 0.3.1.9-1 |
| cosmic | not-affected | 0.3.1.9-1 |
| devel | not-affected | 0.3.1.9-1 |
| esm-apps/bionic | not-affected | 0.3.1.9-1 |
| esm-apps/xenial | released | 0.2.9.14-1ubuntu1~16.04.2 |
| esm-infra-legacy/trusty | not-affected | code not present |
| precise/esm | DNE | |
| trusty | not-affected | code not present |
| trusty/esm | not-affected | code not present |
Показывать по
EPSS
6.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TROVE-2017-013.
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 bef ...
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TROVE-2017-013.
EPSS
6.8 Medium
CVSS2
8.1 High
CVSS3