Anonymity Degradation Vulnerability in Tor Software by Tor Project
CVE-2017-8822

3.7LOW

Key Information:

Vendor: Tor Project
Status: Tor Before 0.2.5.16, 0.2.6 Through 0.2.8 Before 0.2.8.17, 0.2.9 Before 0.2.9.14, 0.3.0 Before 0.3.0.13, And 0.3.1 Before 0.3.1.9
Vendor: CVE Published:; 3 December 2017

🔔 Create Tor Project Vulnerability Alert

What is CVE-2017-8822?

In certain versions of Tor, relays that have not fully downloaded descriptors can mistakenly include themselves in circuit paths. This behavior poses a risk by compromising user anonymity, as it allows potential attackers to deduce users' activities through circuit selection flaws. The vulnerability has been addressed in updated Tor releases that include security fixes to ensure safe relay selection and proper descriptor handling.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9 Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9