Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 624832 (CVE-2016-10396) - net-vpn/ipsec-tools: Parsing and storing ISAKMP fragments in malicious order can exhaust resources (CVE-2016-10396)
Summary: net-vpn/ipsec-tools: Parsing and storing ISAKMP fragments in malicious order ...
Status: IN_PROGRESS
Alias: CVE-2016-10396
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [ebuild/cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-07-13 05:15 UTC by Aleksandr Wagner (Kivak)
Modified: 2017-09-10 05:31 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Aleksandr Wagner (Kivak) 2017-07-13 05:15:38 UTC
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in a particular order such that the worst-case computational complexity is realized in the algorithm utilized to determine if reassembly of the fragments can take place.

References:

https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=51682

Upstream patch:

http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c.diff?r1=1.5&r2=1.5.36.1