Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 930091 (CVE-2024-3652) - <net-vpn/libreswan-4.15: Denial of Service vulnerability
Summary: <net-vpn/libreswan-4.15: Denial of Service vulnerability
Status: CONFIRMED
Alias: CVE-2024-3652
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://libreswan.org/security/CVE-20...
Whiteboard: B3 [glsa?]
Keywords:
Depends on: 930650
Blocks:
  Show dependency tree
 
Reported: 2024-04-16 06:07 UTC by Hans de Graaff
Modified: 2024-05-11 08:47 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Hans de Graaff gentoo-dev Security 2024-04-16 06:07:36 UTC
===================================================================
CVE-2024-3652: IKEv1 default AH/ESP responder can crash and restart
===================================================================

This alert (and any updates) are available at the following URLs:
https://libreswan.org/security/CVE-2024-3652

The Libreswan Project was notified of an issue that causes libreswan
to crash and restart when it is acting as an IKEv1 responder with
AH/ESP default setting, when no esp= line is present in the connection
configuration. The bug is triggered when after IKEv1 authentication has
succeeded (via Main Mode or Aggressive Mode), a Quick Mode message is
received containing a bogus AES-GMAC proposal.

When such a connection is automatically added on startup using the auto=
keyword, it can cause repeated crashes leading to a Denial of Service.

Severity: Medium
Vulnerable versions : libreswan 3.22 - 4.14
Not vulnerable      : libreswan 3.0 - 3.21, 4.15+, 5.0+

Vulnerability information
=========================
The function compute_proto_keymat() did not handle unexpected proposals
for which the keymat size is 0, such as AES-GMAC which can be used only
with NULL encryption.  The function ends up calling an assertion failure
routine. No Remote Code Execution is possible.

Exploitation
============
The vulnerability can only be exploited when an IKEv1 connection is loaded
without an esp= line. It also requires the peer to have authenticated
itself before it can send the bogus request triggering the issue. IKEv2
connections are not vulnerable.

Workaround
==========
An esp= line using a common IKEv1 algorithm list can be added to all
IKEv1 based connections. An example of such an esp= line could be:

     esp=aes-sha2_512,aes-sha1,aes-sha2_256,aes-md5,3des-sha1,3des-md5
Comment 1 Larry the Git Cow gentoo-dev 2024-05-11 08:47:14 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b74353681dcf6143676b69b7060228f8045c692e

commit b74353681dcf6143676b69b7060228f8045c692e
Author:     Hans de Graaff <graaff@gentoo.org>
AuthorDate: 2024-05-11 08:46:35 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-05-11 08:47:05 +0000

    net-vpn/libreswan: drop 4.14
    
    Bug: https://bugs.gentoo.org/930091
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 net-vpn/libreswan/Manifest              |   1 -
 net-vpn/libreswan/libreswan-4.14.ebuild | 136 --------------------------------
 2 files changed, 137 deletions(-)