Siidaynta saxda ah ee qalabka Tor (0.3.5.14, 0.4.4.8, 0.4.5.7), oo loo isticmaalo habaynta hawlgalka shabakadda Tor, ayaa la soo bandhigay. Noocyada cusubi waxay meesha ka saarayaan laba dayacan oo loo isticmaali karo in lagu fuliyo weerarrada DoS ee qanjidhada shabakada Tor:
- CVE-2021-28089-Weeraruhu wuxuu u keeni karaa diidmo adeeg kasta Tor nodes iyo macaamiisha isagoo abuuraya culeys weyn oo CPU ah oo dhaca marka la farsameeyo noocyada xogta qaarkood. Nuglaanta ayaa aad ugu khatarsan relays-ka iyo adeegayaasha Hay'adda Hagaha, kuwaas oo ah meelaha isku xidha shabakada oo ka mas'uul ah xaqiijinta iyo u gudbinta isticmaalaha liiska albaabada socodsiiya socodka gaadiidka. Adeegaha hagaha ayaa ah kuwa ugu fudud in la weeraro sababtoo ah waxay u ogolaadaan qof kasta inuu soo geliyo xogta. Weerar ka dhan ah relays-ka iyo macaamiisha waxa lagu abaabuli karaa soo dejinta kaydka hagaha.
- CVE-2021-28090-Weeraruhu wuxuu sababi karaa inuu shil galo server-ka hagaha isagoo gudbinaya saxiix gaar ah oo nashqadeysan, kaas oo loo isticmaalo gudbinta macluumaadka ku saabsan xaaladda la isku raacsan yahay ee shabakada.
Source: opennet.ru