``` TROVE-2017-011: An attacker can make Tor ask for a password SEVERITY: High ALSO TRACKED AS: OSS-Fuzz testcase 6360145429790720, CVE-2017-8821 CREDIT: This was found by OSS-Fuzz. SUMMARY: All over our code, we accept parse RSA public keys in the "PEM" format, such as: -----BEGIN RSA PUBLIC KEY----- SXQncyBjb29sIHRoYXQgeW91IHdlcmUgY29uY2VybmVkIGVub3VnaCB0byBjaGVj aywgYnV0IHRoZXJlIGlzIGluIGZhY3Qgbm8gc2VjcmV0IGluZm9ybWF0aW9uIGhl cmUuICBUaGlzIHNwYWNlIGludGVudGlvbmFsbHkgbGVmdCBibGFuay4=\n -----END RSA PUBLIC KEY----- But if you pass OpenSSL a public key that's suitably constructed, it will ask for a password. This applies to public keys as well as private keys! If this "key" is used in a microdescriptor, an onion service descriptor, a relay or bridge descriptor, or anywhere, then OpenSSL will pause, and ask for a passphrase. This blocks Tor, causing a denial of service attack. If it causes an onion service or busy client to block, this could aid in traffic analysis. Tors that are running as a daemon (without a terminal) or inside another process may not be vulnerable -- it depends on OpenSSL's behavior when it tries to ask for a password. FIX: Everyone affected should upgrade to one of the releases with the fix for this issue: 0.2.5.16, 0.2.8.17, 0.2.9.14, 0.3.0.13, 0.3.1.9, or 0.3.2.6-alpha. ```