nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-20 21:16:22 +02:00
Code Issues Packages Projects Releases Wiki Activity
cee6e7d9e1
tor/changes/bug40391
Nick Mathewson 4c06c619fa Use a more secure hash function for the circuitmux hashtable. 
Fixes bug 40931; bugfix on 0.2.4.4-alpha. Also tracked as
TROVE-2021-005.

This issue was reported by Jann Horn from Google's Project Zero.
2021-05-18 08:40:09 -04:00

10 lines
595 B
Plaintext
Raw Blame History

o Major bugfixes (security):
- Resist a hashtable-based CPU denial-of-service attack against
relays. Previously we used a naive unkeyed hash function to look up
circuits in a circuitmux object. An attacker could exploit this to
construct circuits with chosen circuit IDs in order to try to create
collisions and make the hash table inefficient. Now we use a SipHash
construction for this hash table instead. Fixes bug 40391; bugfix on
0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005.
Reported by Jann Horn from Google's Project Zero.
Reference in New Issue View Git Blame Copy Permalink