Upstream information
Description
buf_pullup in Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not properly handle unexpected arrival times of buffers with invalid layouts, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via crafted packets.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
SUSE Bugzilla entry: 923284 [RESOLVED / FIXED]SUSE Security Advisories:
- openSUSE-SU-2015:0600-1, published Wed, 25 Mar 2015 13:04:53 +0100 (CET)
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
openSUSE Tumbleweed |
| Patchnames: openSUSE Tumbleweed GA tor-0.2.8.11-1.1 |
SUSE Timeline for this CVE
CVE page created: Fri Mar 20 00:35:31 2015CVE page last modified: Fri Oct 7 12:47:06 2022