Denial of Service Vulnerability in Tor by The Tor Project
CVE-2017-8820

7.5HIGH

Key Information:

Vendor: Tor Project
Status: Tor Before 0.2.5.16, 0.2.6 Through 0.2.8 Before 0.2.8.17, 0.2.9 Before 0.2.9.14, 0.3.0 Before 0.3.0.13, And 0.3.1 Before 0.3.1.9
Vendor: CVE Published:; 3 December 2017

🔔 Create Tor Project Vulnerability Alert

What is CVE-2017-8820?

A vulnerability in various versions of Tor allows remote attackers to trigger a denial of service by sending malformed descriptors to directory authorities. This can lead to a NULL pointer dereference and cause the application to crash, potentially disrupting Tor services for users. It is crucial for users and system administrators to apply the latest updates to mitigate this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9 Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9