Alerts This Week
Warning Icon 1 548
Alerts This Week
Warning Icon 1 548

Fedora 44 Tor Significant Denial of Service Resolution 2026-5ce7cc46bb

fedora
Calendar Grey May 26, 2026
Dist Fedora Esm H88
Important Fedora Update for Tor 0.4.9.8 addresses multiple vulnerabilities and enhances security.
Update to latest upstream release https://forum.torproject.org/t/security- release-0-4-8-25-and-0-4-9-8/21559

Summary

The Tor network is a group of volunteer-operated servers that allows people to

improve their privacy and security on the Internet. Tor's users employ this

network by connecting through a series of virtual tunnels rather than making a

direct connection, thus allowing both organizations and individuals to share

information over public networks without compromising their privacy. Along the

same line, Tor is an effective censorship circumvention tool, allowing its

users to reach otherwise blocked destinations or content. Tor can also be used

as a building block for software developers to create new communication tools

with built-in privacy features.

This package contains the Tor software that can act as either a server on the

Tor network, or as a client to connect to the Tor network.

Update Information:

Update to latest upstream release https://forum.torproject.org/t/security- release-0-4-8-25-and-0-4-9-8/21559

Topics%20covered

Topics Covered

security advisory denial of service fedora important Tor

Change Log

* Fri May 15 2026 Marcel Hrry - 0.4.9.8-1 - Update to latest upstream release https://forum.torproject.org/t/security-release-0-4-8-25-and-0-4-9-8/21559 - Fix CVE-2026-44600 (bz#2476455 / bz#2476454) - Fix CVE-2026-44599 (bz#2476453 / bz#2476452) - Fix CVE-2026-44597 (bz#2476451 / bz#2476450) - Fix CVE-2026-44601 (bz#2467732 / bz#2467731) - Fix CVE-2026-44603 (bz#2467720 / bz#2467719) - Fix CVE-2026-44602 (bz#2467718 / nz@2467717)

References


[ 1 ] Bug #2467295 - tor-0.4.9.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=2467295 [ 2 ] Bug #2467718 - CVE-2026-44602 tor: Tor: Denial of service via out-of-order CERT cell [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2467718 [ 3 ] Bug #2467719 - CVE-2026-44603 tor: Tor: Denial of Service via malformed BEGIN cell [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2467719 [ 4 ] Bug #2467732 - CVE-2026-44601 tor: Tor: Client crash due to double close of a circuit [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2467732 [ 5 ] Bug #2476451 - CVE-2026-44597 tor: Tor: Denial of Service due to out-of-bounds read [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476451 [ 6 ] Bug #2476453 - CVE-2026-44599 tor: Tor: Low integrity impact via directory message manipulation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476453 [ 7 ] Bug #2476455 - CVE-2026-44600 tor: Tor: De...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-5ce7cc46bb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: tor
Product: Fedora 44
Version: 0.4.9.8
Release: 1.fc44
URL: https://www.torproject.org
Summary: Anonymizing overlay network for TCP

Topics%20covered

Topics Covered

security advisory denial of service fedora important Tor

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here