CVE-2017-0377

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-0377

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-0377.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-0377

Downstream

openSUSE-SU-2024:11469-1

Related

openSUSE-SU-2024:11469-1

Published

2017-07-02T15:29:00Z

Modified

2025-09-19T08:42:03.316856Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only considers the exit relay (not the exit relay's family), which might allow remote attackers to defeat intended anonymity properties by leveraging the existence of large families.

References

Affected packages

Git / github.com/torproject/tor

Affected ranges

Type: GIT
Repo: https://github.com/torproject/tor
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

665baf5ed5c6186d973c46cdea165c0548027350

Type: GIT
Repo: https://gitlab.torproject.org/tpo/core/tor
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0668d29354a874dc2b7e162f6fd9d34653fdd8ed

Last affected

47d2e4f06ec26a79542865d054f01ea09304f59d

Last affected

802d30d9b71a6d54ef5fd1278ab4858b2e76e750

Last affected

ac04fcd2e758c2258cbde8c8f31586695cb5d666

Last affected

bb2ea3642d54ff03d7d60e593113f4e64e9e07ab

Last affected

cfd9c1bdc05826567a91ff89fd59c0cb70a436b2

Affected versions

debian-version-0.*

debian-version-0.0.1+0.0.2pre19-1

debian-version-0.0.1+0.0.2pre20-1

debian-version-0.0.1+0.0.2pre20-2

debian-version-0.0.1+0.0.2pre21-1

debian-version-0.0.1+0.0.2pre22-1

debian-version-0.0.1+0.0.2pre23-1

debian-version-0.0.1+0.0.2pre24-1

debian-version-0.0.1+0.0.2pre25-1

debian-version-0.0.1+0.0.2pre26-1

debian-version-0.0.1+0.0.2pre27-1

debian-version-0.0.2-1

debian-version-0.0.3-1

debian-version-0.0.4-1

debian-version-0.0.5+0.0.6rc2-1

debian-version-0.0.5+0.0.6rc3-1

debian-version-0.0.5+0.0.6rc4-1

debian-version-0.0.5-1

debian-version-0.0.6-1

debian-version-0.0.6.1-1

debian-version-0.0.6.2-1

debian-version-0.0.7+0.0.8rc1-1

debian-version-0.0.7-1

debian-version-0.0.7.1-1

debian-version-0.0.7.2+0.0.8pre2-1

debian-version-0.0.7.2+0.0.8pre3-1

debian-version-0.0.8+0.0.9pre1-1

debian-version-0.0.8+0.0.9pre2-1

debian-version-0.0.8+0.0.9pre3-1

debian-version-0.0.8+0.0.9pre4-1

debian-version-0.0.8+0.0.9pre5-1

debian-version-0.0.8+0.0.9pre5-2

debian-version-0.0.8+0.0.9pre6-1

debian-version-0.0.8+0.0.9rc1-1

debian-version-0.0.8+0.0.9rc2-1

debian-version-0.0.8+0.0.9rc3-1

debian-version-0.0.8+0.0.9rc5-1

debian-version-0.0.8+0.0.9rc6-1

debian-version-0.0.8+0.0.9rc7-1

debian-version-0.0.8-1

debian-version-0.0.9.1-1

debian-version-0.0.9.10-1

debian-version-0.0.9.2-1

debian-version-0.0.9.3-1

debian-version-0.0.9.4-1

debian-version-0.0.9.5-1

debian-version-0.0.9.6-1

debian-version-0.0.9.7-1

debian-version-0.0.9.8-1

debian-version-0.0.9.9-1

debian-version-0.1.0.1-rc-cvs-200503310807-1

debian-version-0.1.0.1-rc-cvs-200504010815-1

debian-version-0.1.0.10-0-pre.1

debian-version-0.1.0.11-0-pre.1

debian-version-0.1.0.11-1

debian-version-0.1.0.12-1

debian-version-0.1.0.13-1

debian-version-0.1.0.14-1

debian-version-0.1.0.14-2

debian-version-0.1.0.15-1

debian-version-0.1.0.16-1

debian-version-0.1.0.17-1

debian-version-0.1.0.2-rc-200504011500-1

debian-version-0.1.0.2-rc-200504011640-1

debian-version-0.1.0.2-rc-cvs-200504031300-1

debian-version-0.1.0.2-rc-cvs-200504061620-1

debian-version-0.1.0.2-rc-cvs-200504062112-1

debian-version-0.1.0.3-rc-200504080730-1

debian-version-0.1.0.3-rc-200504231430-1

debian-version-0.1.0.3-rc-cvs-200504231630-1

debian-version-0.1.0.4-rc-200504232130-1

debian-version-0.1.0.5-rc-200504272000-1

debian-version-0.1.0.7-rc-200505171420-1

debian-version-0.1.0.8-rc-1

debian-version-0.1.0.9-rc-1

debian-version-0.1.1.10-alpha-1

debian-version-0.1.1.11-alpha-1

debian-version-0.1.1.12-alpha-1

debian-version-0.1.1.13-alpha-1

debian-version-0.1.1.14-alpha-1

debian-version-0.1.1.15-rc-1

debian-version-0.1.1.16-rc-1

debian-version-0.1.1.17-rc-1

debian-version-0.1.1.18-rc-1

debian-version-0.1.1.19-rc-1

debian-version-0.1.1.20-1

debian-version-0.1.1.21-1

debian-version-0.1.1.22-1

debian-version-0.1.1.5-alpha-1

debian-version-0.1.1.6-alpha-1

debian-version-0.1.1.6-alpha-2

debian-version-0.1.1.7-alpha-1

debian-version-0.1.1.8-alpha-1

debian-version-0.1.1.9-alpha-1

tor-0.*

tor-0.0.2

tor-0.0.2pre13

tor-0.0.2pre14

tor-0.0.2pre16

tor-0.0.2pre17

tor-0.0.2pre18

tor-0.0.2pre19

tor-0.0.2pre20

tor-0.0.2pre22

tor-0.0.2pre23

tor-0.0.2pre24

tor-0.0.2pre25

tor-0.0.2pre27

tor-0.0.2pre8

tor-0.0.3

tor-0.0.4

tor-0.0.5

tor-0.0.6

tor-0.0.6.1

tor-0.0.6.2

tor-0.0.6incompat-merged

tor-0.0.7

tor-0.0.7.1

tor-0.0.7.2

tor-0.0.7rc1

tor-0.0.8

tor-0.0.8.1

tor-0.0.8pre1

tor-0.0.8pre2

tor-0.0.8pre3

tor-0.0.8rc1

tor-0.0.8rc2

tor-0.0.9

tor-0.0.9.1

tor-0.0.9.10

tor-0.0.9.2

tor-0.0.9.3

tor-0.0.9.5

tor-0.0.9.6

tor-0.0.9.7

tor-0.0.9.9

tor-0.0.9pre1

tor-0.0.9pre2

tor-0.0.9pre3

tor-0.0.9pre4

tor-0.0.9pre5

tor-0.0.9pre6

tor-0.0.9rc1

tor-0.0.9rc2

tor-0.0.9rc3

tor-0.0.9rc4

tor-0.0.9rc5

tor-0.0.9rc6

tor-0.0.9rc7

tor-0.1.0.1-rc

tor-0.1.0.10

tor-0.1.0.11

tor-0.1.0.12

tor-0.1.0.13

tor-0.1.0.14

tor-0.1.0.15

tor-0.1.0.16

tor-0.1.0.17

tor-0.1.0.2-rc

tor-0.1.0.4-rc

tor-0.1.0.5-rc

tor-0.1.0.6-rc

tor-0.1.0.7-rc

tor-0.1.0.9-rc

tor-0.1.1.1-alpha

tor-0.1.1.10-alpha

tor-0.1.1.11-alpha

tor-0.1.1.12-alpha

tor-0.1.1.13-alpha

tor-0.1.1.14-alpha

tor-0.1.1.15-rc

tor-0.1.1.16-rc

tor-0.1.1.17-rc

tor-0.1.1.18-rc

tor-0.1.1.19-rc

tor-0.1.1.2-alpha

tor-0.1.1.20

tor-0.1.1.21

tor-0.1.1.22

tor-0.1.1.4-alpha

tor-0.1.1.5-alpha

tor-0.1.1.6-alpha

tor-0.1.1.7-alpha

tor-0.1.1.8-alpha

tor-0.1.1.9-alpha

tor-0.1.2.1-alpha

tor-0.1.2.2-alpha

tor-0.1.2.3-alpha

tor-0.1.2.4-alpha

tor-0.1.2.5-alpha

tor-0.1.2.6-alpha

tor-0.1.2.7-alpha

tor-0.1.2.8-beta

tor-0.1.2.9-rc

tor-0.2.0.1-alpha

tor-0.2.0.10-alpha

tor-0.2.0.11-alpha

tor-0.2.0.12-alpha

tor-0.2.0.13-alpha

tor-0.2.0.14-alpha

tor-0.2.0.15-alpha

tor-0.2.0.16-alpha

tor-0.2.0.17-alpha

tor-0.2.0.18-alpha

tor-0.2.0.19-alpha

tor-0.2.0.2-alpha

tor-0.2.0.20-rc

tor-0.2.0.3-alpha

tor-0.2.0.4-alpha@11197

tor-0.2.0.5-alpha

tor-0.2.0.6-alpha

tor-0.2.0.7-alpha

tor-0.2.0.8-alpha

tor-0.2.0.9-alpha

tor-0.2.1.1-alpha

tor-0.2.1.10-alpha

tor-0.2.1.11-alpha

tor-0.2.1.13-alpha

tor-0.2.1.14-rc

tor-0.2.1.15-rc

tor-0.2.1.16-rc

tor-0.2.1.17-rc

tor-0.2.1.18

tor-0.2.1.19

tor-0.2.1.2-alpha

tor-0.2.1.20

tor-0.2.1.21

tor-0.2.1.22

tor-0.2.1.23

tor-0.2.1.24

tor-0.2.1.25

tor-0.2.1.3-alpha

tor-0.2.1.4-alpha

tor-0.2.1.5-alpha

tor-0.2.1.6-alpha

tor-0.2.1.7-alpha

tor-0.2.1.8-alpha

tor-0.2.1.9-alpha

tor-0.2.2.1-alpha

tor-0.2.2.10-alpha

tor-0.2.2.11-alpha

tor-0.2.2.12-alpha

tor-0.2.2.13-alpha

tor-0.2.2.14-alpha

tor-0.2.2.15-alpha

tor-0.2.2.16-alpha

tor-0.2.2.17-alpha

tor-0.2.2.18-alpha

tor-0.2.2.19-alpha

tor-0.2.2.2-alpha

tor-0.2.2.3-alpha

tor-0.2.2.4-alpha

tor-0.2.2.5-alpha

tor-0.2.2.6-alpha

tor-0.2.2.7-alpha

tor-0.2.2.8-alpha

tor-0.2.2.9-alpha

tor-0.2.3.1-alpha

tor-0.2.3.10-alpha

tor-0.2.3.11-alpha

tor-0.2.3.12-alpha

tor-0.2.3.13-alpha

tor-0.2.3.14-alpha

tor-0.2.3.15-alpha

tor-0.2.3.16-alpha

tor-0.2.3.17-beta

tor-0.2.3.18-rc

tor-0.2.3.2-alpha

tor-0.2.3.3-alpha

tor-0.2.3.4-alpha

tor-0.2.3.5-alpha

tor-0.2.3.6-alpha

tor-0.2.3.7-alpha

tor-0.2.3.8-alpha

tor-0.2.3.9-alpha

tor-0.2.4.1-alpha

tor-0.2.4.10-alpha

tor-0.2.4.2-alpha

tor-0.2.4.3-alpha

tor-0.2.4.4-alpha

tor-0.2.4.5-alpha

tor-0.2.4.6-alpha

tor-0.2.4.7-alpha

tor-0.2.4.8-alpha

tor-0.2.4.9-alpha

tor-0.2.5.1-alpha

tor-0.2.5.2-alpha

tor-0.2.5.3-alpha

tor-0.2.5.4-alpha

tor-0.2.5.5-alpha

tor-0.2.6.1-alpha

tor-0.2.6.2-alpha

tor-0.2.6.3-alpha

tor-0.2.7.0-root

tor-0.2.7.1-alpha

tor-0.2.7.2-alpha

tor-0.2.7.3-rc

tor-0.2.7.4-rc

tor-0.2.7.5

tor-0.2.7.6

tor-0.2.8.1-alpha

tor-0.2.8.2-alpha

tor-0.2.9.0-root

tor-0.2.9.1-alpha

tor-0.2.9.2-alpha

tor-0.2.9.3-alpha

tor-0.2.9.4-alpha

tor-0.3.0.1-alpha

tor-0.3.0.2-alpha

tor-0.3.0.3-alpha

Database specific

{
    "vanir_signatures": [
        {
            "digest": {
                "line_hashes": [
                    "44309939316981180280873473147461909284",
                    "245585645262755064580175351139636454420",
                    "276420338012471800371136648215023479706",
                    "242564737634043682203735875492122356622"
                ],
                "threshold": 0.9
            },
            "source": "https://github.com/torproject/tor/commit/665baf5ed5c6186d973c46cdea165c0548027350",
            "signature_version": "v1",
            "id": "CVE-2017-0377-3ba73f86",
            "target": {
                "file": "src/or/nodelist.c"
            },
            "signature_type": "Line",
            "deprecated": false
        },
        {
            "digest": {
                "line_hashes": [
                    "130947375133832080065014793414556873519",
                    "120268657075388148935762763694518608359",
                    "2857889528935089052107406791916063482",
                    "260857398991327691730483878311310381440",
                    "172175267509838166657832256561720017092",
                    "33865109398391995941849264184178983308"
                ],
                "threshold": 0.9
            },
            "source": "https://github.com/torproject/tor/commit/665baf5ed5c6186d973c46cdea165c0548027350",
            "signature_version": "v1",
            "id": "CVE-2017-0377-814b7942",
            "target": {
                "file": "src/or/entrynodes.c"
            },
            "signature_type": "Line",
            "deprecated": false
        },
        {
            "digest": {
                "length": 193.0,
                "function_hash": "4770935110876737590891931296231995318"
            },
            "source": "https://github.com/torproject/tor/commit/665baf5ed5c6186d973c46cdea165c0548027350",
            "signature_version": "v1",
            "id": "CVE-2017-0377-a8e4b5b9",
            "target": {
                "function": "entry_guard_obeys_restriction",
                "file": "src/or/entrynodes.c"
            },
            "signature_type": "Function",
            "deprecated": false
        },
        {
            "digest": {
                "length": 139.0,
                "function_hash": "251812826122832502133715654618947189496"
            },
            "source": "https://github.com/torproject/tor/commit/665baf5ed5c6186d973c46cdea165c0548027350",
            "signature_version": "v1",
            "id": "CVE-2017-0377-b33a84f1",
            "target": {
                "function": "addrs_in_same_network_family",
                "file": "src/or/nodelist.c"
            },
            "signature_type": "Function",
            "deprecated": false
        },
        {
            "digest": {
                "line_hashes": [
                    "144861746393319512936649912835876713466",
                    "237643910232194103654179137966429429850",
                    "51470496634927409790148542464069951910",
                    "274032112497314191036839052981469061771"
                ],
                "threshold": 0.9
            },
            "source": "https://github.com/torproject/tor/commit/665baf5ed5c6186d973c46cdea165c0548027350",
            "signature_version": "v1",
            "id": "CVE-2017-0377-e6fb9c72",
            "target": {
                "file": "src/or/nodelist.h"
            },
            "signature_type": "Line",
            "deprecated": false
        }
    ]
}