Message-ID: <ZiDTZcjVnt-uqHRQ@raton>
Date: Thu, 18 Apr 2024 10:01:41 +0200
From: David Morel <david.morel@...es.tech>
To: oss-security@...ts.openwall.com
Subject: libreswan: IKEv1 default AH/ESP responder can crash and restart

Hello,

I noticed I missed a few CVEs on libreswan recently, as the project is
not posting them here. I subscribed to their announce mailing list to
monitor that for work, and thought I could try to follow and post them
here when there are new things. That being said, here is the latest one:

Vulnerability information
=========================
The function compute_proto_keymat() did not handle unexpected proposals
for which the keymat size is 0, such as AES-GMAC which can be used only
with NULL encryption.  The function ends up calling an assertion failure
routine. No Remote Code Execution is possible.

- CVE-2024-3652
- Advisory: https://libreswan.org/security/CVE-2024-3652/CVE-2024-3652.txt
- Severity: Medium
- Vulnerable versions: libreswan 3.22 - 4.14
- Not vulnerable: libreswan 3.0 - 3.21, 4.15+, 5.0+

-- 
David Morel
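As an added illustration, and not libreswan's code or its actual fix, the
following C model shows the responder-side pattern the advisory describes:
the key-material size for a negotiated proposal is computed, and a proposal
whose size works out to 0 is rejected with an error code instead of being
fed to an assertion that takes the daemon down. The algorithm table, the
struct and function names, and the byte counts are all hypothetical; in
this model the AES-GMAC-with-NULL-encryption combination is the zero-size
case, matching the advisory's wording, but the example is not a statement
about how libreswan itself accounts for that algorithm's key.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model (not libreswan code): an IKEv1 ESP proposal is an
 * encryption algorithm plus an integrity algorithm, each of which needs a
 * fixed number of key-material bytes from the keymat derivation. */
enum encr { ENCR_NULL, ENCR_AES_CBC_128, ENCR_AES_CBC_256 };
enum integ { INTEG_NONE, INTEG_HMAC_SHA1_96, INTEG_HMAC_SHA2_256_128, INTEG_AES_GMAC };

struct proposal {
    enum encr encr;
    enum integ integ;
};

enum keymat_result {
    KEYMAT_OK = 0,
    KEYMAT_REJECT_ZERO_SIZE = -1,   /* the case the advisory describes */
    KEYMAT_REJECT_UNKNOWN_ALG = -2
};

/* Assumed per-algorithm key sizes in bytes; a negative value marks an
 * algorithm the table does not know about. */
static long encr_keymat_bytes(enum encr e)
{
    switch (e) {
    case ENCR_NULL:        return 0;
    case ENCR_AES_CBC_128: return 16;
    case ENCR_AES_CBC_256: return 32;
    }
    return -1;
}

static long integ_keymat_bytes(enum integ i)
{
    switch (i) {
    case INTEG_NONE:              return 0;
    case INTEG_HMAC_SHA1_96:      return 20;
    case INTEG_HMAC_SHA2_256_128: return 32;
    case INTEG_AES_GMAC:          return 0;  /* assumption: no separate
                                                 integrity key in this model */
    }
    return -1;
}

/* Hardened keymat sizing: every unexpected proposal becomes an error the
 * caller can turn into a rejection of the peer's proposal, so no input from
 * the network can reach an assertion. On success *out holds the size. */
enum keymat_result compute_proto_keymat(const struct proposal *p, size_t *out)
{
    long e = encr_keymat_bytes(p->encr);
    long i = integ_keymat_bytes(p->integ);

    if (e < 0 || i < 0)
        return KEYMAT_REJECT_UNKNOWN_ALG;
    if (e + i == 0)
        return KEYMAT_REJECT_ZERO_SIZE;   /* was an assertion failure */

    *out = (size_t)(e + i);
    return KEYMAT_OK;
}

int main(void)
{
    /* Constructed sample proposals: one ordinary, one zero-size. */
    const struct proposal ok  = { ENCR_AES_CBC_128, INTEG_HMAC_SHA1_96 };
    const struct proposal bad = { ENCR_NULL, INTEG_AES_GMAC };
    size_t n = 0;

    printf("AES-CBC-128 + HMAC-SHA1-96: rc=%d size=%zu\n",
           compute_proto_keymat(&ok, &n), n);
    printf("NULL + AES-GMAC:            rc=%d (rejected, not asserted)\n",
           compute_proto_keymat(&bad, &n));
    return 0;
}
```

The point of the model is the shape of the check rather than the numbers:
anything derived from a peer's proposal is input, so a size the code does
not expect has to be a return path (a rejected proposal) and not a
programmer-error assertion, which in a long-running responder turns into a
remote crash and restart.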
