libreswan-4.12-1.el9

Errata ID: AXSA:2023-6824:09

Release date: Friday, December 8, 2023 - 09:00
Subject: libreswan-4.12-1.el9
Affected Channels: MIRACLE LINUX 9 for x86_64
Severity: Moderate
Description: 

Libreswan is an implementation of IPsec and IKE for Linux. IPsec (Internet Protocol Security) uses strong cryptography to provide both authentication and encryption. These services let you build secure tunnels, such as a virtual private network (VPN), across untrusted networks.

Security Fix(es):

* libreswan: Invalid IKEv2 REKEY proposal causes restart (CVE-2023-38710)
* libreswan: Invalid IKEv1 Quick Mode ID causes restart (CVE-2023-38711)
* libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart (CVE-2023-38712)

All three are denial-of-service issues triggered by a malformed IKE message: the pluto daemon crashes and is restarted, and the tunnels it had established must be renegotiated.

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the MIRACLE LINUX 9.3 Release Notes linked from the References section.

CVE-2023-38710
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID of 0 or 1, an INVALID_SPI error notify is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets asserts that the protocol ID must be AH (2) or ESP (3); the failed assertion causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.

CVE-2023-38711
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload of type ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.

CVE-2023-38712
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the same ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the already-deleted state causes the pluto daemon to crash and restart.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. libreswan-4.12-1.el9.src.rpm
    MD5: 71de60759d2192d4c309d69f2c61a2b0
    SHA-256: 4439d32c8f5bd85ba8e62ce0b3ce3964b94e3379d80074b224e04b95ae768c12
    Size: 12.53 MB

Asianux Server 9 for x86_64
  1. libreswan-4.12-1.el9.x86_64.rpm
    MD5: 688022c29f9f374d2eee3f70823f7436
    SHA-256: 55258a48a263cb8af57db0c966c0fcc2cdbe7707c3ce60dba574e732a04f81bc
    Size: 1.32 MB
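The check a practitioner wants after reading this errata is whether a downloaded package matches the SHA-256 listed above and whether the installed libreswan is at or above 4.12-1.el9. The script below is an added example and is not part of the MIRACLE LINUX advisory or of Libreswan; it assumes coreutils (sha256sum or shasum, sort -V) and, on a real host, rpm. The version comparison uses sort -V ordering, which is an assumption that holds within one channel where epoch and release suffix scheme do not change.

```shell
#!/bin/sh
# Added example, not part of the advisory. Verifies the x86_64 package hash
# listed on this page and checks that the installed libreswan is patched.

FIXED_VER="4.12-1.el9"   # version-release shipped by this errata
RPM_SHA256="55258a48a263cb8af57db0c966c0fcc2cdbe7707c3ce60dba574e732a04f81bc"  # from Download above

# sha256_of FILE -> prints the hex SHA-256 of FILE (sha256sum, or shasum as fallback)
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# sha256_matches FILE EXPECTED -> exit 0 if FILE hashes to EXPECTED, else 1
sha256_matches() {
    [ "$(sha256_of "$1")" = "$2" ]
}

# version_at_least INSTALLED FIXED -> exit 0 if INSTALLED >= FIXED under sort -V
# ordering (assumption: same epoch and release scheme, true within one channel).
version_at_least() {
    highest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)
    [ "$highest" = "$1" ]
}

# libreswan_patched [VERSION-RELEASE] -> exit 0 if libreswan is at or above
# FIXED_VER. With an argument the given string is checked (offline use);
# without one the installed version is read from rpm. Exit 2 if unknown.
libreswan_patched() {
    if [ -n "$1" ]; then
        installed="$1"
    elif command -v rpm >/dev/null 2>&1; then
        installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}' libreswan 2>/dev/null) || return 2
    else
        return 2
    fi
    version_at_least "$installed" "$FIXED_VER"
}

# Usage on a host: verify a downloaded RPM, then confirm the running package.
#   sha256_matches libreswan-4.12-1.el9.x86_64.rpm "$RPM_SHA256" && echo "hash ok"
#   libreswan_patched && echo "libreswan patched" || echo "libreswan NOT patched"
```

A hash match only proves the file is the one the advisory lists; the version check is what tells you the three CVEs above are closed on the host, since an unpatched pluto is still running until the package is updated and the service restarted.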