CVE-2025-4444

Name
CVE-2025-4444
Description
A security flaw has been discovered in Tor up to 0.4.7.16/0.4.8.17. Impacted is an unknown function of the component Onion Service Descriptor Handler. Performing manipulation results in resource consumption. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is considered difficult. Upgrading to version 0.4.8.18 and 0.4.9.3-alpha is recommended to address this issue. It is recommended to upgrade the affected component.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
patch https://forum.torproject.org/t/alpha-and-stable-release-0-4-8-18-and-0-4-9-3-alpha/20578
related https://github.com/chunmianwang/Tordos
release-notes https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.8/ReleaseNotes
signature https://vuldb.com/?ctiid.324814
vdb-entry https://vuldb.com/?id.324814
third-party-advisory https://vuldb.com/?submit.640605

Match rules

CPE URI Source package Min version Max version
tor == 0.4.7.0 == 0.4.7.0
tor == 0.4.7.1 == 0.4.7.1
tor == 0.4.7.2 == 0.4.7.2
tor == 0.4.7.3 == 0.4.7.3
tor == 0.4.7.4 == 0.4.7.4
tor == 0.4.7.5 == 0.4.7.5
tor == 0.4.7.6 == 0.4.7.6
tor == 0.4.7.7 == 0.4.7.7
tor == 0.4.7.8 == 0.4.7.8
tor == 0.4.7.9 == 0.4.7.9
tor == 0.4.7.10 == 0.4.7.10
tor == 0.4.7.11 == 0.4.7.11
tor == 0.4.7.12 == 0.4.7.12
tor == 0.4.7.13 == 0.4.7.13
tor == 0.4.7.14 == 0.4.7.14
tor == 0.4.7.15 == 0.4.7.15
tor == 0.4.7.16 == 0.4.7.16
tor == 0.4.8.0 == 0.4.8.0
tor == 0.4.8.1 == 0.4.8.1
tor == 0.4.8.2 == 0.4.8.2
tor == 0.4.8.3 == 0.4.8.3
tor == 0.4.8.4 == 0.4.8.4
tor == 0.4.8.5 == 0.4.8.5
tor == 0.4.8.6 == 0.4.8.6
tor == 0.4.8.7 == 0.4.8.7
tor == 0.4.8.8 == 0.4.8.8
tor == 0.4.8.9 == 0.4.8.9
tor == 0.4.8.10 == 0.4.8.10
tor == 0.4.8.11 == 0.4.8.11
tor == 0.4.8.12 == 0.4.8.12
tor == 0.4.8.13 == 0.4.8.13
tor == 0.4.8.14 == 0.4.8.14
tor == 0.4.8.15 == 0.4.8.15
tor == 0.4.8.16 == 0.4.8.16
tor == 0.4.8.17 == 0.4.8.17
tor == 0.4.8.18 == 0.4.8.18
tor == 0.4.9.3-alpha == 0.4.9.3-alpha

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
tor edge-community 0.4.8.13-r0 omni <omni+alpine@hack.org> possibly vulnerable
tor edge-community 0.4.8.14-r0 omni <omni+alpine@hack.org> possibly vulnerable
tor edge-community 0.4.8.14-r1 omni <omni+alpine@hack.org> possibly vulnerable
tor edge-community 0.4.8.15-r0 omni <omni+alpine@hack.org> possibly vulnerable
tor edge-community 0.4.8.16-r0 omni <omni+alpine@hack.org> possibly vulnerable
tor edge-community 0.4.8.16-r1 omni <omni+alpine@hack.org> possibly vulnerable
tor edge-community 0.4.8.17-r0 omni <omni+alpine@hack.org> possibly vulnerable
tor edge-community 0.4.8.18-r0 omni <omni+alpine@hack.org> possibly vulnerable
tor 3.22-community 0.4.8.16-r0 omni <omni+alpine@hack.org> possibly vulnerable
tor 3.22-community 0.4.8.17-r0 omni <omni+alpine@hack.org> possibly vulnerable
tor 3.22-community 0.4.8.18-r0 omni <omni+alpine@hack.org> possibly vulnerable
tor edge-community 0.4.8.18-r1 omni <omni+alpine@hack.org> possibly vulnerable
tor 3.22-community 0.4.8.18-r1 omni <omni+alpine@hack.org> possibly vulnerable
tor edge-community 0.4.8.18-r2 omni <omni+alpine@hack.org> possibly vulnerable
tor 3.22-community 0.4.8.18-r2 omni <omni+alpine@hack.org> possibly vulnerable