
Bug 434882 (CVE-2012-4419)

Summary: <net-misc/tor- : Denial of Service (CVE-2012-{4419,4922})
Product: Gentoo Security
Reporter: Agostino Sarubbo <ago>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Severity: minor
CC: blueness
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
Whiteboard: B3 [glsa]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2012-09-13 09:40:17 UTC
From oss-security:

from the tor release notes[0]:
Changes in version - 2012-09-11
  Tor fixes two more opportunities for remotely triggerable 

  o Security fixes:
    - Fix an assertion failure in tor_timegm() that could be triggered
      by a badly formatted directory object. Bug found by fuzzing with
      Radamsa. Fixes bug 6811; bugfix on
    - Do not crash when comparing an address with port value 0 to an
      address policy. This bug could have been used to cause a remote
      assertion failure by or against directory authorities, or to
      allow some applications to crash clients. Fixes bug 6690; bugfix

I have not seen CVE ids for these issues.
Can you assign ids for them?

Comment 1 Agostino Sarubbo gentoo-dev 2012-09-14 14:53:27 UTC
Is it ok to stabilize?
Comment 2 Anthony Basile gentoo-dev 2012-09-15 01:45:47 UTC
Please begin stabilization.  I'll take care of arm/ppc/ppc64

TARGET: amd64 arm  ppc ppc64 sparc x86
Comment 3 Anthony Basile gentoo-dev 2012-09-15 02:06:48 UTC
stable arm ppc ppc64
Comment 4 Agostino Sarubbo gentoo-dev 2012-09-15 10:20:19 UTC
x86 stable
Comment 5 Agostino Sarubbo gentoo-dev 2012-09-15 10:22:14 UTC
amd64 stable
Comment 6 Raúl Porcel (RETIRED) gentoo-dev 2012-09-15 18:01:25 UTC
sparc stable
Comment 7 Agostino Sarubbo gentoo-dev 2012-09-15 19:27:15 UTC
Thanks everyone, @security, please vote.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2012-09-16 14:00:11 UTC
CVE-2012-4922 (
  The tor_timegm function in common/util.c in Tor before, and 0.2.3.x
  before, does not properly validate time values, which allows
  remote attackers to cause a denial of service (assertion failure and daemon
  exit) via a malformed directory object, a different vulnerability than

CVE-2012-4419 (
  The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before, and 0.2.3.x before, allows remote attackers to cause a
  denial of service (assertion failure and daemon exit) via a zero-valued port
  field that is not properly handled during policy comparison.
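
The failure class named in CVE-2012-4922 above (a time conversion that asserts on values parsed from untrusted input) is avoided by range-checking every field and returning an error to the caller. This is an added example, not part of the original bug report and not Tor's code; `checked_timegm`, `epoch_or_error` and the accepted 1970..9999 year range are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <time.h>

static int is_leap(int64_t y) {
  return (y % 4 == 0 && y % 100 != 0) || y % 400 == 0;
}

/* Hypothetical helper (not Tor's tor_timegm): convert a broken-down UTC time
 * taken from untrusted input into seconds since the epoch. Every field is
 * range-checked and a bad value returns -1; no assert() sees parsed data. */
int checked_timegm(const struct tm *tm, int64_t *out) {
  static const int mdays[12] = {31,28,31,30,31,30,31,31,30,31,30,31};
  static const int before[12] = {0,31,59,90,120,151,181,212,243,273,304,334};
  if (!tm || !out) return -1;
  if (tm->tm_year < 70 || tm->tm_year > 8099) return -1;  /* assumed 1970..9999 */
  if (tm->tm_mon < 0 || tm->tm_mon > 11) return -1;
  int64_t year = (int64_t)tm->tm_year + 1900;
  int leap_now = is_leap(year);
  int dim = mdays[tm->tm_mon] + (tm->tm_mon == 1 && leap_now);
  if (tm->tm_mday < 1 || tm->tm_mday > dim) return -1;
  if (tm->tm_hour < 0 || tm->tm_hour > 23) return -1;
  if (tm->tm_min < 0 || tm->tm_min > 59) return -1;
  if (tm->tm_sec < 0 || tm->tm_sec > 60) return -1;       /* 60 = leap second */
  int64_t y = year - 1;
  /* Leap days in 1970..year-1; 477 is the same count evaluated for 1969. */
  int64_t leaps = (y / 4 - y / 100 + y / 400) - 477;
  int64_t days = (year - 1970) * 365 + leaps + before[tm->tm_mon]
               + (tm->tm_mon > 1 && leap_now) + tm->tm_mday - 1;
  *out = days * 86400 + tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec;
  return 0;
}

/* Build a struct tm from already-parsed integer fields (constructed input,
 * standing in for a timestamp read from a directory object). */
int64_t epoch_or_error(int y, int mo, int d, int h, int mi, int s) {
  struct tm tm = {0};
  int64_t out;
  tm.tm_year = y - 1900; tm.tm_mon = mo - 1; tm.tm_mday = d;
  tm.tm_hour = h; tm.tm_min = mi; tm.tm_sec = s;
  return checked_timegm(&tm, &out) == 0 ? out : -1;
}

int main(void) {
  printf("%lld\n", (long long)epoch_or_error(2012, 9, 11, 0, 0, 0));
  printf("%lld\n", (long long)epoch_or_error(2012, 13, 40, 25, 61, 61));
  return 0;
}
```
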
Comment 9 Sean Amoss (RETIRED) gentoo-dev Security 2012-09-19 10:40:10 UTC
GLSA vote: yes.
Comment 10 Tim Sammut (RETIRED) gentoo-dev 2012-09-20 23:40:53 UTC
GLSA Vote: yes. Added to existing request.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2013-01-09 00:29:38 UTC
This issue was resolved and addressed in
 GLSA 201301-03 at
by GLSA coordinator Sean Amoss (ackle).