vulnerability

Debian: CVE-2025-4444: tor -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
3	(AV:N/AC:H/Au:N/C:N/I:N/A:P)	Apr 7, 2026	Apr 7, 2026	Apr 8, 2026

Severity

CVSS

(AV:N/AC:H/Au:N/C:N/I:N/A:P)

Published

Apr 7, 2026

Added

Apr 7, 2026

Modified

Apr 8, 2026

Description

A security flaw has been discovered in Tor up to 0.4.7.16/0.4.8.17. Impacted is an unknown function of the component Onion Service Descriptor Handler. Performing manipulation results in resource consumption. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is considered difficult. Upgrading to version 0.4.8.18 and 0.4.9.3-alpha is recommended to address this issue. It is recommended to upgrade the affected component.

Solution

debian-upgrade-tor

References

CVE-2025-4444
https://attackerkb.com/topics/CVE-2025-4444
CWE-400
CWE-404
DEBIAN-DSA-6200-1
EUVD-EUVD-2025-29912
https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-29912

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today