A NULL pointer dereference flaw was discovered in strongSwan's IKE daemon, charon. An attacker could use this flaw to crash charon by sending a specially-crafted IKEv1 fragmentation payload. strongSwan 5.1.1 corrects this flaw.
A patch is provided for versions 5.0.2 and newer:
http://download.strongswan.org/security/CVE-2013-6076/strongswan-5.0.2-5.1.0_ikev1_fragment.patch
External References:
http://strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerability-(cve-2013-6076).html
Created strongswan tracking bugs for this issue:
Affects: epel-6 [bug 1026154]
Looks like this issue is already fixed in the packages for Fedora testing so I did not file a tracking bug.
http://koji.fedoraproject.org/koji/buildinfo?buildID=475229
http://koji.fedoraproject.org/koji/buildinfo?buildID=475223
http://koji.fedoraproject.org/koji/buildinfo?buildID=475220
strongswan-5.1.1-4.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
strongswan-5.1.1-4.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
strongswan-5.1.1-4.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
Statement: Not Vulnerable. This issue does not affect the version of openswan as shipped with Red Hat Enterprise Linux 5 and 6.