Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 13 Sep 2013 13:14:22 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request -- Linux kernel: net: sctp: ipv6 ipsec
 encryption bug in sctp_v6_xmit

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/13/2013 07:38 AM, Petr Matousek wrote:
> Alan Chester reported an issue with IPv6 on SCTP that IPsec traffic
> is not being encrypted, whereas on IPv4 it is. Setting up an AH +
> ESP transport does not seem to have the desired effect:
> 
> SCTP + IPv4:
> 
> 22:14:20.809645 IP (tos 0x2,ECT(0), ttl 64, id 0, offset 0, flags
> [DF], proto AH (51), length 116) 192.168.0.2 > 192.168.0.5:
> AH(spi=0x00000042,sumlen=16,seq=0x1):ESP(spi=0x00000044,seq=0x1),
> length 72 22:14:20.813270 IP (tos 0x2,ECT(0), ttl 64, id 0, offset
> 0, flags [DF],proto AH (51), length 340) 192.168.0.5 > 192.168.0.2:
> AH(spi=0x00000043,sumlen=16,seq=0x1):
> 
> SCTP + IPv6:
> 
> 22:31:19.215029 IP6 (class 0x02, hlim 64, next-header SCTP
> (132)payload length: 364) fe80::222:15ff:fe87:7fc.3333 >
> fe80::92e6:baff:fe0d:5a54.36767:sctp 1) [INIT ACK] [init tag:
> 747759530] [rwnd: 62464] [OS: 10] [MIS:10]
> 
> References: https://bugzilla.kernel.org/show_bug.cgi?id=24412 
> https://bugzilla.redhat.com/show_bug.cgi?id=1007872
> 
> Upstream fix: 
> http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=95ee62083cb6453e056562d91f597552021e6ae7
>
>  Thanks,
> 

Please use CVE-2013-4350 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQIbBAEBAgAGBQJSM2QOAAoJEBYNRVNeJnmTFd4P+O2iIuwkT/ufCulXrdvgmNRc
x+H/25xgz6W55BbuM3ngHkYLbL8CGvVxhTt5ZloRLys3Fgrr87T9XQdKbM4e1Ead
7f/VGsMHOi3WjetMxXt19Cqd8YP7N3ewRaI1r+f5y1876/J6jUbLmXlKv0Kh132a
/ov/rnRAZZyYrULcQbDJJEEfDsg7mjnrhG+BNN9GKudX5gPVenzLjWHmPWxFg6cC
dyuPN01LpG2u9izep2/MNT8rd13YRh4LacU7qT8gQ3ge8cvvyl2gKyq/gy1x1VlY
vhbDiyjrMPilnvZqw//J33UNK7lMq1DOs6UGSqEg0Sz8lCYJW0wN3XbRE9x+HGng
bJdzZE7dCYa1ESpTe/KyZAWjtXb/hSB2E7pRy9HSK8IfN7UzSSCdsUl/QwUpBdsN
IQhvqPc/JvgwVC1vOD7Hp2MQy88OHLXQyd63txqpVYcRJAmRvn1nLDEwc9fT1Wsd
IaBU6YZOodZcahBWBlT2CEqiFd8PbqOurZa+EvzdRs7b9zJbLLiNOrwvevWqBlOo
0ZaajDdzy2Bwu57TNtn5283pm5VvvlsL/BhXEuEj1v0lNDrJNvA8XG0QB1NMKGu/
bSZOM34whqdEdt32PIfjKHQC+SQb1cghQl10ZB6TjYe1JGFXZSCmkux39CPkph8R
zybGMnRQvtMJQWi1+zw=
=mOpZ
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ