Description
An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan versions 3.27 to 3.31. An unauthenticated attacker could use this flaw to crash libreswan by sending specially crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash.
Statement
This flaw does not affect the versions of libreswan shipped with Red Hat Enterprise Linux 6 and 7 because they did not ship the vulnerable code (the offending commit fa004e7d4b83fbeaa8d0f6d8430a96aed97a97b9 and others were introduced in libreswan-3.27).
Mitigation
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libreswan | Not affected | | |
| Red Hat Enterprise Linux 7 | libreswan | Not affected | | |
| Red Hat Enterprise Linux 8 | libreswan | Fixed | RHSA-2020:2070 | 12.05.2020 |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | libreswan | Fixed | RHSA-2020:2069 | 12.05.2020 |
| Red Hat Enterprise Linux 8.1 Extended Update Support | libreswan | Fixed | RHSA-2020:2071 | 12.05.2020 |
Additional information
CVSS3: 7.5 High