First published: Sun Aug 26 2012(Updated: )
routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Tor Tor | <=0.2.2.37 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.