Back to bug 2225369
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| TEJ RATHI | 2023-07-25 05:37:15 UTC | CC | security-response-team | |
| TEJ RATHI | 2023-07-25 05:40:15 UTC | Blocks | 2225370 | |
| TEJ RATHI | 2023-07-25 05:47:51 UTC | CC | dueno | |
| TEJ RATHI | 2023-07-25 05:55:27 UTC | Depends On | 2215956 | |
| TEJ RATHI | 2023-07-25 05:55:37 UTC | Depends On | 2215955 | |
| TEJ RATHI | 2023-08-09 03:58:30 UTC | Summary | EMBARGOED libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart | EMBARGOED CVE-2023-38712 libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart |
| Alias | CVE-2023-38712 | |||
| TEJ RATHI | 2023-08-09 05:13:03 UTC | Doc Text | A null pointer dereference vulnerability was discovered in Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a null pointer dereference on the deleted state occurs. A malicious client or attacker could send a malformed IKEv1 Delete/Notify packet that would cause a crash and restart of the libreswan pluto daemon. When sent continuously, this could lead to a denial of service attack. | |
| TEJ RATHI | 2023-08-09 05:24:35 UTC | Comment | 0 | updated |
| TEJ RATHI | 2023-08-09 05:29:27 UTC | CC | rhel-crypto-maint | |
| Summary | EMBARGOED CVE-2023-38712 libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart | CVE-2023-38712 libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart | ||
| Deadline | 2023-08-07 | |||
| Group | security, qe_staff | |||
| TEJ RATHI | 2023-08-09 05:39:26 UTC | Depends On | 2230238 | |
| RaTasha Tillery-Smith | 2023-08-09 14:14:47 UTC | Doc Text | A null pointer dereference vulnerability was discovered in Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a null pointer dereference on the deleted state occurs. A malicious client or attacker could send a malformed IKEv1 Delete/Notify packet that would cause a crash and restart of the libreswan pluto daemon. When sent continuously, this could lead to a denial of service attack. | A NULL pointer dereference vulnerability was found in the Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state occurs. This flaw allows a malicious client or attacker to send a malformed IKEv1 Delete/Notify packet, causing a crash and restarting the libreswan pluto daemon. When sent continuously, this could lead to a denial of service attack. |
Back to bug 2225369