Zotulutsa zowongolera za Tor toolkit (0.3.5.14, 0.4.4.8, 0.4.5.7), zomwe zimagwiritsidwa ntchito pokonzekera magwiridwe antchito a Tor anonymous network, zimaperekedwa. Mabaibulo atsopanowa amachotsa ziwopsezo ziwiri zomwe zingagwiritsidwe ntchito kuukira DoS pa Tor network node:
- CVE-2021-28089 - wowukira angayambitse kukana ntchito kwa ma Tor node aliwonse ndi makasitomala popanga katundu wambiri wa CPU womwe umachitika pokonza mitundu ina ya data. Chiwopsezochi ndichowopsa kwambiri kwa ma relay ndi ma seva a Directory Authority, omwe ndi malo olumikizirana ndi netiweki ndipo ali ndi udindo wotsimikizira ndi kutumiza kwa wogwiritsa mndandanda wazipata zomwe zimayendetsa magalimoto. Ma seva a Directory ndiosavuta kuwukira chifukwa amalola aliyense kukweza deta. Kuwukira motsutsana ndi ma relay ndi makasitomala kutha kukonzedwa ndikutsitsa kachesi.
- CVE-2021-28090 - wowukira atha kuchititsa kuti seva yachikwatu iwonongeke potumiza siginecha yopangidwa mwapadera, yomwe imagwiritsidwa ntchito popereka chidziwitso chokhudza mgwirizano pamaneti.
Source: opennet.ru