Lucene search

Ubuntu.comUB:CVE-2022-33903

HistoryJul 17, 2022 - 12:00 a.m.

CVE-2022-33903

2022-07-1700:00:00

ubuntu.com

cve-2022-33903

denial of service

rtt estimation

unix

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

50.2%

JSON

Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of
RTT estimation.

References

bugzilla.redhat.com/show_bug.cgi?id=2099227

github.com/torproject/tor/commit/b0496d40197dd5b4fb7b694c1410082d4e34dda6 (tor-0.4.7.8)

gitlab.torproject.org/tpo/core/tor/-/issues/40626

launchpad.net/bugs/cve/CVE-2022-33903

lists.torproject.org/pipermail/tor-announce/2022-June/000242.html

nvd.nist.gov/vuln/detail/CVE-2022-33903

security-tracker.debian.org/tracker/CVE-2022-33903

www.cve.org/CVERecord?id=CVE-2022-33903

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

50.2%

JSON

Related for UB:CVE-2022-33903