Improper Handling of Exceptional Conditions
CVE-2021-34549
Summary
An issue was discovered in Tor prior to 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for certain retrieval of circuit data. Consequently, an attacker can trigger the use of an attacker-chosen circuit ID to cause algorithm inefficiency.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- NONE
- HIGH
CWE-755 - Improper Handling of Exceptional Conditions
The software does not handle or incorrectly handles an exceptional condition.
Advisory Timeline
- Published