Libreswan: Multiple Vulnerabilities — GLSA 201603-13

Multiple vulnerabilities have been found in libreSwan possibly resulting in Denial of Service.

Affected Packages

net-misc/libreswan on all architectures
Affected versions < 3.15
Unaffected versions >= 3.15

Background

Libreswan is a free software implementation of the most widely supported and standarized VPN protocol based on (“IPsec”) and the Internet Key Exchange (“IKE”).

Description

The pluto IKE daemon in Libreswan, when built with NSS, allows remote attackers to cause a Denial of Service (assertion failure and daemon restart) via a zero DH g^x value in a KE payload in a IKE packet. Additionally, remote attackers could cause a Denial of Service (daemon restart) via an IKEv1 packet with (1) unassigned bits set in the IPSEC DOI value or (2) the next payload value set to ISAKMP_NEXT_SAK.

Impact

Remote attackers could possibly cause Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All Libreswan users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-misc/libreswan-3.15"
 

References

Release Date
March 12, 2016

Latest Revision
March 12, 2016: 1

Severity
normal

Exploitable
remote

Bugzilla entries