Description
Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009.
Published: 2026-05-07
Score: 3.7 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in Tor versions before 0.4.9.7 causes the client to crash when a circuit queue experiences memory pressure, due to a double close of a circuit. This weakness, classified as CWE‑837, results in an unstable client that can be forced to terminate. The crash is not a data‑exposure flaw, but it denies service and may interrupt anonymity operations.

Affected Systems

The vulnerability affects the Tor client produced by TorProject. Any installation using a Tor version prior to 0.4.9.7 is vulnerable. No specific hardware or operating‑system restrictions are noted.

Risk and Exploitability

The CVSS score of 3.7 indicates a low severity risk. No EPSS score is available, and the flaw is not listed in the CISA KEV catalog. The likely attack vector involves creating conditions that generate memory pressure in the circuit queue, which could be achieved by flooding the client with high‑volume traffic or manipulating circuit establishment timing. While the impact is limited to client crashes, repeated outages could degrade user experience and trust in anonymity.

Generated by OpenCVE AI on May 7, 2026 at 05:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Tor client to version 0.4.9.7 or later to eliminate the double‑close bug.
  • If an upgrade cannot be performed immediately, adjust the client configuration to limit the maximum number of concurrent circuits (e.g., set circuit_queue_len to a lower value) to reduce memory pressure.
  • Continuously monitor client logs for “double close” crash messages and adjust traffic or circuit creation patterns to avoid repeating the failure condition.

Generated by OpenCVE AI on May 7, 2026 at 05:57 UTC.

Advisories

Source       ID           Title
Debian DSA   DSA-6260-1   tor security update

History

Thu, 07 May 2026 15:15:00 +0000

Type      Values Removed    Values Added
Metrics                     ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 07 May 2026 06:15:00 +0000

Type      Values Removed    Values Added
Title                       Double-Close Circuit Queue Crash in Tor Client

Thu, 07 May 2026 04:15:00 +0000

Type                  Values Removed    Values Added
Description                             Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009.
First Time appeared                     Torproject; Torproject tor
Weaknesses                              CWE-837
CPEs                                    cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*
Vendors & Products                      Torproject; Torproject tor
References
Metrics                                 cvssV3_1: {'score': 3.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L'}


MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-07T14:58:24.830Z

Reserved: 2026-05-07T03:09:50.703Z

Link: CVE-2026-44601

Vulnrichment

Updated: 2026-05-07T13:56:49.514Z

NVD

Status : Analyzed

Published: 2026-05-07T04:16:35.030

Modified: 2026-05-08T17:07:19.250

Link: CVE-2026-44601

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-07T06:00:16Z

Weaknesses