Bug ID | 1207110 |
---|---|
Summary | VUL-0: tor: The SafeSocks option for SOCKS4(a) is inverted leading to SOCKS4 going through (TROVE-2022-002) |
Classification | openSUSE |
Product | openSUSE Distribution |
Version | Leap 15.4 |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Security |
Assignee | bwiedemann@suse.com |
Reporter | Andreas.Stieger@gmx.de |
QA Contact | security-team@suse.de |
Found By | --- |
Blocker | --- |
It was discovered that tor before 0.4.5.16 / 0.4.7.13 had an inverted logic for the SafeSocks options for SOCKS4 and SOCKS4a. The could load to tor client users who relied on the "SafeSocks 1" option to avoid DNS leaks to have unsafe Tor traffic. The incorrect implementation would let the unsafe SOCKS4 pass but not the safe SOCKS4a one. References: https://gitlab.torproject.org/tpo/core/tor/-/issues/40730 https://gitlab.torproject.org/tpo/core/tor/-/commit/a282145b3634547ab84ccd959d0537c021ff7ffc https://hackerone.com/bugs?subject=torproject&report_id=1784589 https://lists.torproject.org/pipermail/tor-announce/2023-January/000261.html https://forum.torproject.net/t/stable-release-0-4-5-16-and-0-4-7-13/6216