Upstream information
Description
buf_pullup in Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not properly handle unexpected arrival times of buffers with invalid layouts, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via crafted packets.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
SUSE Bugzilla entry: 923284 [RESOLVED / FIXED]SUSE Security Advisories:
- openSUSE-SU-2015:0600-1
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
openSUSE Tumbleweed |
| Patchnames: openSUSE Tumbleweed GA tor-0.2.8.11-1.1 |
SUSE Timeline for this CVE
CVE page created: Fri Mar 20 00:35:31 2015CVE page last modified: Thu Dec 7 13:08:33 2023