Skip to main content

Improper Handling of Exceptional Conditions

CVE-2021-34549

Severity High
Score 7.5/10

Summary

An issue was discovered in Tor prior to 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for certain retrieval of circuit data. Consequently, an attacker can trigger the use of an attacker-chosen circuit ID to cause algorithm inefficiency.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • NONE
  • HIGH

CWE-755 - Improper Handling of Exceptional Conditions

The software does not handle or incorrectly handles an exceptional condition.

Advisory Timeline

  • Published