Litokollo tse lokisoang tsa Tor toolkit (0.3.5.14, 0.4.4.8, 0.4.5.7), tse sebelisetsoang ho hlophisa ts'ebetso ea marang-rang a Tor anonymous, li hlahisoa. Liphetolelo tse ncha li tlosa likotsi tse peli tse ka sebelisoang ho etsa litlhaselo tsa DoS ho node tsa marang-rang tsa Tor:
- CVE-2021-28089 - mohlaseli a ka baka ho haneloa ha litšebeletso ho node efe kapa efe ea Tor le bareki ka ho theha mojaro o moholo oa CPU o etsahalang ha o sebetsana le mefuta e meng ea data. Ho ba kotsing ho kotsi haholo bakeng sa li-relay le li-server tsa Directory Authority, e leng lintlha tsa khokahano ho marang-rang mme li ikarabella bakeng sa ho netefatsa le ho fetisetsa ho mosebelisi lethathamo la liheke tse sebetsanang le sephethephethe. Li-server tsa Directory ke tsona tse bonolo ho li hlasela hobane li lumella mang kapa mang ho kenya data. Tlhaselo e khahlano le li-relay le bareki e ka hlophisoa ka ho jarolla cache ea directory.
- CVE-2021-28090 - mohlaseli a ka etsa hore seva sa directory se senyehe ka ho fetisetsa saena e entsoeng ka mokhoa o khethehileng, e sebelisetsoang ho fetisa tlhahisoleseding mabapi le boemo ba tumellano ho marang-rang.
Source: opennet.ru