Description
The Libreswan Project was notified of an issue that causes libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use pre-shared keys (authby=secret) and no matching secret can be found for it in the configured secrets. When such a connection is loaded automatically at startup via the auto= keyword, the daemon crashes again every time it comes back up, leading to a denial of service.
Statement
Libreswan may restart repeatedly under certain IKEv2 retransmission scenarios when a connection uses pre-shared keys (authby=secret) and no matching secret is configured for it. If such a connection is added automatically at startup via the auto= keyword, the result is a crash loop, and therefore a denial of service. The crash occurs when IKEv2 cannot find the pre-shared key it needs for the AUTH payload of the IKE_AUTH exchange: this trips an assertion and terminates the daemon. The issue is triggered by local misconfiguration; there is no known way for an external peer to trigger it.
Mitigation
As a workaround that stops the misconfiguration from causing the crash, place an unguessable, long, random "catch-all" secret in /etc/ipsec.secrets, for example with:

echo -e "# CVE-2024-2357 workaround\n: PSK \"$(openssl rand -hex 32)\"" >> /etc/ipsec.secrets

This guarantees that a PSK is always found, but since it never equals the peer's key, authentication still fails as it should. The file is read when the daemon starts; on a running daemon, reload it with ipsec auto --rereadsecrets or restart the service.
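The following is an added example in Python, not code from the advisory or from Libreswan: a pre-flight check that finds IKEv2 connections which use authby=secret, are loaded at startup via auto=, and have no entry in ipsec.secrets that could match them, i.e. exactly the configuration the statement above describes, and then shows that appending the advisory's catch-all line clears the finding. The matching rule is a deliberate simplification of libreswan's real secret lookup (an entry is a candidate when it has no selectors, or when every selector is %any or one of the connection's IDs), the defaults auto=ignore and ikev2=yes are assumed, and the configuration and secrets are constructed sample data.

```python
"""Pre-flight check for the CVE-2024-2357 trigger (added example, not
advisory or Libreswan code). Assumptions, simplified from libreswan's
real lookup: a secrets entry is a candidate when it has no selectors
(catch-all) or when every selector is %any or one of the connection's
IDs (leftid/rightid, falling back to left/right); auto= defaults to
ignore, ikev2= defaults to yes, and a missing authby= is not 'secret'.
"""
import re
from secrets import token_hex

# 'selectors : KIND value'; lazy selector group keeps IPv6 selectors intact
SECRET_LINE = re.compile(
    r"^(?P<sel>.*?)\s*:\s*(?P<kind>PSK|RSA|ECDSA|XAUTH|PPK)\s+(?P<value>\S.*)$"
)


def parse_ipsec_conf(text):
    """Return {conn name: {option: value}} with 'conn %default' merged in."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        m = re.match(r"^(conn|config)\s+(\S+)$", line)   # unindented section header
        if m:
            kind, name = m.groups()
            current = sections.setdefault(name, {}) if kind == "conn" else None
            continue
        if current is not None and "=" in line:
            key, _, value = line.strip().partition("=")
            current[key.strip()] = value.strip().strip('"')
    default = sections.pop("%default", {})
    return {name: {**default, **opts} for name, opts in sections.items()}


def parse_ipsec_secrets(text):
    """Return [(selectors, kind)] for every 'selectors : KIND value' line."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # would break on '#' inside a quoted PSK
        if not line or line.startswith("include "):
            continue
        m = SECRET_LINE.match(line)
        if m:
            entries.append((tuple(m.group("sel").split()), m.group("kind")))
    return entries


def connection_ids(conn):
    """IDs libreswan would look the secret up by: leftid/rightid, else left/right."""
    return {conn.get("leftid") or conn.get("left"),
            conn.get("rightid") or conn.get("right")} - {None}


def matching_psk_entries(conn, entries):
    """PSK entries that could be selected for this connection (simplified rule)."""
    ids = connection_ids(conn)
    return [sel for sel, kind in entries
            if kind == "PSK" and all(s == "%any" or s in ids for s in sel)]


def crash_prone_connections(conf_text, secrets_text):
    """Names of connections that would hit the missing-PSK path at startup."""
    entries = parse_ipsec_secrets(secrets_text)
    flagged = []
    for name, c in parse_ipsec_conf(conf_text).items():
        if "secret" not in c.get("authby", "").split(","):
            continue
        if c.get("ikev2", "yes") == "no":        # IKEv1 is outside the advisory's scope
            continue
        if c.get("auto", "ignore") == "ignore":  # not loaded automatically at startup
            continue
        if not matching_psk_entries(c, entries):
            flagged.append(name)
    return flagged


def catch_all_workaround():
    """The advisory's mitigation: a random 32-byte PSK, always found, never correct."""
    return f'# CVE-2024-2357 workaround\n: PSK "{token_hex(32)}"\n'


# Constructed sample data (RFC 5737 addresses), not taken from any real host.
SAMPLE_CONF = """\
conn %default
    ikev2=yes

conn site-a
    left=192.0.2.10
    leftid=@site-a
    right=198.51.100.20
    rightid=@site-b
    authby=secret
    auto=start

conn roadwarrior
    left=192.0.2.10
    leftid=@gateway
    right=%any
    authby=secret
    auto=add

conn legacy-v1
    ikev2=no
    left=192.0.2.10
    right=203.0.113.5
    authby=secret
    auto=start
"""

SAMPLE_SECRETS = """\
@site-a @site-b : PSK "site-to-site-example-psk"
192.0.2.10 203.0.113.5 : PSK 0x0123456789abcdef
"""

if __name__ == "__main__":
    print("crash-prone before workaround:", crash_prone_connections(SAMPLE_CONF, SAMPLE_SECRETS))
    patched = SAMPLE_SECRETS + catch_all_workaround()
    print("crash-prone after workaround: ", crash_prone_connections(SAMPLE_CONF, patched))
```

Only the roadwarrior connection is reported: site-a has a two-selector entry that covers both of its IDs, and legacy-v1 is IKEv1. After the catch-all line is appended the report is empty, which is the whole point of the workaround: the lookup always succeeds, and the wrong key is then rejected by normal authentication rather than by a crash.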
Affected packages
| Platform | Package | State | Advisory | Released |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libreswan | Out of support scope | | |
| Red Hat Enterprise Linux 7 | libreswan | Out of support scope | | |
| Red Hat Enterprise Linux 8 | libreswan | Fixed | RHSA-2024:1998 | 23.04.2024 |
| Red Hat Enterprise Linux 8.6 Extended Update Support | libreswan | Fixed | RHSA-2024:2082 | 30.04.2024 |
| Red Hat Enterprise Linux 8.8 Extended Update Support | libreswan | Fixed | RHSA-2024:2081 | 30.04.2024 |
| Red Hat Enterprise Linux 9 | libreswan | Fixed | RHSA-2024:2033 | 24.04.2024 |
| Red Hat Enterprise Linux 9 | libreswan | Fixed | RHSA-2024:2565 | 30.04.2024 |
| Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | libreswan | Fixed | RHSA-2024:10594 | 02.12.2024 |
| Red Hat Enterprise Linux 9.2 Extended Update Support | libreswan | Fixed | RHSA-2024:2085 | 30.04.2024 |
| Red Hat OpenShift Container Platform 4.15 | libreswan | Fixed | RHBA-2024:11565 | 02.01.2025 |
Additional information
Status:
EPSS
5 Medium
CVSS3