An issue exists in Tor prior to 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAY_END or RELAY_RESOLVED to bypass the intended access control for ending a stream.
Debian Bug report logs - #990000
tor: CVE-2021-34548 CVE-2021-34549 CVE-2021-34550
Package: src:tor;
Maintainer for src:tor is Peter Palfrader <weasel@debian.org>;
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 17 Jun 2021 13:57:02 UTC
Severity: important
Tags: security, upstream
Found in version t ...
Multiple security vulnerabilities were discovered in Tor, a
connection-based low-latency anonymous communication system, which
could result in denial of service or spoofing.
For the stable distribution (buster), these problems have been fixed in
version 0.3.5.15-1.
We recommend that you upgrade your tor packages.
For the detailed security status of ...
A security issue has been found in Tor before version 0.4.5.9. Relays could spoof RELAY_END or RELAY_RESOLVED cells on half-closed streams because clients failed to validate which hop sent these cells. This would allow a relay on a circuit to end a stream that wasn't actually built with it ...