CVE-2022-21688
📋 TL;DR
CVE-2022-21688 is a denial-of-service vulnerability in the OnionShare desktop application: specially crafted images cause excessive memory consumption when rendered in the history tab. Attackers who know the Onion service address (public mode) or have authentication (private mode) can crash servers by triggering memory exhaustion. Users running OnionShare desktop versions before 2.5 with history tab rendering enabled are affected.
💻 Affected Systems
- OnionShare
📦 What is this software?
Onionshare by Onionshare
⚠️ Risk & Real-World Impact
Worst Case
Complete server crash and service disruption due to out-of-memory conditions, potentially affecting all users of the OnionShare instance.
Likely Case
Temporary service disruption requiring application restart, with potential data loss for active file transfers or chats.
If Mitigated
Minimal impact if patched or if history tab rendering is disabled.
🎯 Exploit Status
Exploitation requires the attacker to know the Onion service address and the user to view the history tab. The vulnerability is in the Qt image parsing library.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.5
Vendor Advisory: https://github.com/onionshare/onionshare/security/advisories/GHSA-x7wr-283h-5h2v
Restart Required: Yes
Instructions:
1. Download OnionShare v2.5 or later from official repository.
2. Uninstall previous version.
3. Install new version.
4. Restart application.
🔧 Temporary Workarounds
Disable History Tab Rendering
All platforms: Prevent image rendering in history tab to block exploitation vector
No specific commands - configure through application settings
Run in Private Mode with Strong Authentication
All platforms: Limit access to authenticated users only to reduce attack surface
Configure private mode during OnionShare setup
🧯 If You Can't Patch
- Disable history tab functionality completely in application settings
- Run OnionShare in isolated environment with memory limits using containerization
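One way to apply the memory-limit mitigation above on Linux without a container runtime, as an added example that is not OnionShare's code: a launcher that caps the child's address space with RLIMIT_AS, used here in place of a container memory limit. The 512 MiB cap and the two stand-in child commands are constructed for the demonstration; a Qt GUI maps far more virtual memory, so the cap for real use has to be chosen by testing.

```python
import resource
import subprocess
import sys

MiB = 1024 * 1024


def run_with_memory_cap(argv, max_bytes):
    """Run argv with its virtual address space capped at max_bytes (Linux).

    Returns the child's exit code. An allocation past the cap fails inside
    the child instead of exhausting memory on the whole host.
    """
    def apply_limit():
        # Executed in the child after fork() and before exec().
        _, hard = resource.getrlimit(resource.RLIMIT_AS)
        cap = max_bytes
        if hard != resource.RLIM_INFINITY:
            cap = min(max_bytes, hard)  # cannot exceed an existing hard limit
        resource.setrlimit(resource.RLIMIT_AS, (cap, cap))

    return subprocess.run(argv, preexec_fn=apply_limit).returncode


def demo():
    """Constructed stand-ins for a process that suddenly needs a lot of memory."""
    cap = 512 * MiB  # assumed value for the demonstration
    greedy = [sys.executable, "-I", "-c", "buf = bytearray(1024 * 1024 * 1024)"]
    modest = [sys.executable, "-I", "-c", "buf = bytearray(1024 * 1024)"]
    return run_with_memory_cap(greedy, cap), run_with_memory_cap(modest, cap)


if __name__ == "__main__":
    greedy_rc, modest_rc = demo()
    print("1 GiB allocation under the cap, exit code:", greedy_rc)
    print("1 MiB allocation under the cap, exit code:", modest_rc)
    # Real use (assumptions: the launcher command is on PATH, cap tuned by testing):
    # run_with_memory_cap(["onionshare"], 4096 * MiB)
```

RLIMIT_AS limits virtual address space rather than resident memory, so a container or cgroup memory limit remains the tighter control where one is available.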
🔍 How to Verify
Check if Vulnerable:
Check OnionShare version in application settings or about dialog. Versions below 2.5 are vulnerable.
Check Version:
OnionShare → Help → About (GUI) or 'onionshare --version' (CLI)
Verify Fix Applied:
Confirm version is 2.5 or higher and test that history tab renders images without memory spikes.
📡 Detection & Monitoring
Log Indicators:
- Memory usage spikes to near system limits
- Application crash logs mentioning Qt image parsing
- Out-of-memory errors in system logs
Network Indicators:
- Multiple small image uploads (≈20 bytes) followed by memory exhaustion
- Unusual traffic patterns to Onion service
SIEM Query:
(source="onionshare.log" AND ("memory" OR "crash" OR "QT")) OR (source="system.log" AND "out of memory" AND process="onionshare")