What is the severity of REDHAT-BUG-2099227?

REDHAT-BUG-2099227 is classified as a Denial of Service vulnerability that can significantly affect the performance of Tor.

How do I fix REDHAT-BUG-2099227?

To fix REDHAT-BUG-2099227, update your Tor software to version 0.4.7.8 or later.

What systems are affected by REDHAT-BUG-2099227?

REDHAT-BUG-2099227 affects clients, onion services, and relays running the Tor Project Tor software.

Can REDHAT-BUG-2099227 be exploited remotely?

Yes, REDHAT-BUG-2099227 can be triggered remotely by a malicious endpoint.

What consequences can arise from REDHAT-BUG-2099227?

The consequences of REDHAT-BUG-2099227 include degraded congestion control performance across all circuits, impacting user experience.

Vulnerability/
REDHAT-BUG-2099227

medium

20/6/2022

REDHAT-BUG-2099227

First published: Mon Jun 20 2022(Updated: )

A Denial of Service issue was fixed in tor 0.4.7.8 related to congestion control. RTT estimation can become wedged, seriously degrading congestion control performance on all circuits. This impacts clients, onion services, and relays, and can be triggered remotely by a malicious endpoint. References: <a href="https://gitlab.torproject.org/tpo/core/tor/-/issues/40626">https://gitlab.torproject.org/tpo/core/tor/-/issues/40626</a> <a href="https://lists.torproject.org/pipermail/tor-announce/2022-June/000242.html">https://lists.torproject.org/pipermail/tor-announce/2022-June/000242.html</a> <a href="https://github.com/torproject/tor/commit/5a25374209689466e10906a77e66ad717a615a02">https://github.com/torproject/tor/commit/5a25374209689466e10906a77e66ad717a615a02</a> <a href="https://github.com/torproject/tor/commit/b0496d40197dd5b4fb7b694c1410082d4e34dda6">https://github.com/torproject/tor/commit/b0496d40197dd5b4fb7b694c1410082d4e34dda6</a>

Affected Software	Affected Version	How to fix
Tor Project Tor

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of REDHAT-BUG-2099227?
REDHAT-BUG-2099227 is classified as a Denial of Service vulnerability that can significantly affect the performance of Tor.
How do I fix REDHAT-BUG-2099227?
To fix REDHAT-BUG-2099227, update your Tor software to version 0.4.7.8 or later.
What systems are affected by REDHAT-BUG-2099227?
REDHAT-BUG-2099227 affects clients, onion services, and relays running the Tor Project Tor software.
Can REDHAT-BUG-2099227 be exploited remotely?
Yes, REDHAT-BUG-2099227 can be triggered remotely by a malicious endpoint.
What consequences can arise from REDHAT-BUG-2099227?
The consequences of REDHAT-BUG-2099227 include degraded congestion control performance across all circuits, impacting user experience.

agent/type
agent/first-publish-date
agent/last-modified-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2022-33903
agent/references
agent/severity
agent/description
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/tor project
canonical/tor project tor

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.