Candidate: CVE-2017-0375
PublicDate: 2017-06-09 17:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0375
 https://trac.torproject.org/22493
 https://blog.torproject.org/blog/tor-0308-released-fix-hidden-services-also-are-02429-02514-02612-0278-02814-and-02911
Description:
 The hidden-service feature in Tor before 0.3.0.8 allows a denial of service
 (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_
 function via a malformed BEGIN cell.
Ubuntu-Description:
Notes:
 sbeattie> introduced in 0.3.0.1-alpha
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]

Patches_tor:
upstream_tor: released (0.3.0.8)
precise/esm_tor: DNE
trusty_tor: not-affected (introduced in 0.3.0.1-alpha)
trusty/esm_tor: not-affected (introduced in 0.3.0.1-alpha)
vivid/stable-phone-overlay_tor: DNE
vivid/ubuntu-core_tor: DNE
xenial_tor: not-affected (introduced in 0.3.0.1-alpha)
yakkety_tor: not-affected (introduced in 0.3.0.1-alpha)
zesty_tor: not-affected (introduced in 0.3.0.1-alpha)
devel_tor: not-affected (introduced in 0.3.0.1-alpha)