libreswan-4.4-4.el8

Errata ID: AXSA:2022-2989:01

Release date: 
Thursday, January 20, 2022 - 04:16
Subject: 
libreswan-4.4-4.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

Libreswan is an implementation of IPsec and IKE for Linux. IPsec (Internet Protocol Security) uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks, such as a virtual private network (VPN).

Security Fix(es):

* libreswan: Malicious IKEv1 packet can cause libreswan to restart (CVE-2022-23094)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-23094
Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. libreswan-4.4-4.el8.src.rpm
    MD5: 3578c33baf2c2c6d6397515c6ca79774
    SHA-256: ad8382551df1c7bf97d9773a37a5016287b6682a63e36e8dbcc59fbd344f200a
    Size: 12.34 MB

Asianux Server 8 for x86_64
  1. libreswan-4.4-4.el8.x86_64.rpm
    MD5: 2b70e7f07589c4a8013f5d85ec94318f
    SHA-256: a8dba872ac66bf7433cd557c346d2c443d50d0c94e36faf01d958d660c790f26
    Size: 1.29 MB