← back
CVE-2018-0491

CVE-2018-0491

EPSS 15.6%
A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows remote attackers to cause a denial of service (relay crash) because the KIST implementation allows a channel to be added more than once in the pending list.
Affected products
n/a · Tor
public PoCs found2
cve_referencewww.exploit-db.com/exploits/44994/unverifiedexploitdbwww.exploit-db.com/exploits/44994unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://blog.torproject.org/new-stable-tor-releases-security-fixes-and-dos-prevention-03210-03110-02915https://trac.torproject.org/projects/tor/ticket/24700https://trac.torproject.org/projects/tor/ticket/25117https://www.exploit-db.com/exploits/44994/