Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 722696 (CVE-2020-1763)

Summary: <net-vpn/libreswan-3.32: Denial of service via malformed IKEv1 packet (CVE-2020-1763)
Product: Gentoo Security Reporter: Sam James <sam>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: graaff
Priority: Normal Flags: nattka: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt
Whiteboard: B3 [glsa+ cve]
Package list:
net-vpn/libreswan-3.32
 Runtime testing required: ---

Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-05-12 13:24:23 UTC 
Description:
"The Libreswan Project was notified by Stephan Zeisberg of Security
Research Labs of a bug in handling bogus encrypted IKEv1 INFORMATIONAL
Exchange packet requests for which there is no state. While building a
log message that the packet has been dropped, a NULL pointer dereference
causes libreswan to crash and restart when it attempts to log the state
name involved."

Note:
"This vulnerability cannot be abused for a remote code execution or an
authentication bypass. But by continuing to send these packets, a
denial of service attack against the libreswan IKE service is possible."
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-05-12 13:24:56 UTC 
@maintainer(s), please apply the provided patch or bump to 3.32.

Patch: https://libreswan.org/security/CVE-2020-1763/libreswan-3.31-CVE-2020-1763.patch
Comment 2 Hans de Graaff gentoo-dev Security 2020-05-12 14:38:58 UTC 
libreswan 3.32 is now available. I'll wait a day or so for testing before adding arches.
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-05-12 14:42:21 UTC 
(In reply to Hans de Graaff from comment #2)
> libreswan 3.32 is now available. I'll wait a day or so for testing before
> adding arches.

No problem, thanks!
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-05-15 14:38:41 UTC 
(In reply to Hans de Graaff from comment #2)
> libreswan 3.32 is now available. I'll wait a day or so for testing before
> adding arches.

How're we looking?
Comment 5 Agostino Sarubbo gentoo-dev 2020-05-18 15:09:28 UTC 
amd64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2020-05-18 21:13:43 UTC 
x86 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 7 Hans de Graaff gentoo-dev Security 2020-05-23 06:34:29 UTC 
Cleanup done.
Comment 8 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-05-23 06:54:33 UTC 
(In reply to Hans de Graaff from comment #7)
> Cleanup done.

Thank you!
Comment 9 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-07-26 15:11:18 UTC 
GLSA vote: yes
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2020-07-27 00:08:00 UTC 
This issue was resolved and addressed in
 GLSA 202007-21 at https://security.gentoo.org/glsa/202007-21
by GLSA coordinator Sam James (sam_c).