Описание
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.
A NULL pointer dereference flaw was found in Libreswan when processing IKEv1 Quick Mode requests. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, it triggers a NULL pointer dereference error. This flaw allows a malicious client or attacker to send a malformed IKEv1 Quick Mode packet, causing a crash and restart of the libreswan pluto daemon. When sent continuously, this issue leads to a denial of service attack.
Отчет
IKEv1 Quick Mode requests are only processed when received from authenticated peers, limiting the scope of possible attackers to peers who have successfully authenticated.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libreswan | Not affected | ||
| Red Hat Enterprise Linux 7 | libreswan | Not affected | ||
| Red Hat Enterprise Linux 8 | libreswan | Fixed | RHSA-2023:7052 | 14.11.2023 |
| Red Hat Enterprise Linux 9 | libreswan | Fixed | RHSA-2023:6549 | 07.11.2023 |
| Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | libreswan | Fixed | RHSA-2024:10594 | 02.12.2024 |
| Red Hat Enterprise Linux 9.2 Extended Update Support | libreswan | Fixed | RHSA-2025:0309 | 14.01.2025 |
| Red Hat OpenShift Container Platform 4.15 | libreswan | Fixed | RHBA-2024:11565 | 02.01.2025 |
| Red Hat OpenShift Container Platform 4.16 | libreswan | Fixed | RHBA-2024:11505 | 02.01.2025 |
| Red Hat OpenShift Container Platform 4.17 | libreswan | Fixed | RHBA-2024:11525 | 02.01.2025 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick ...
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.
EPSS
6.5 Medium
CVSS3