Red Hat Bugzilla – Bug 1026152
CVE-2013-6076 strongswan: denial of service when handling IKEv1 fragmentation payloads
Last modified: 2015-07-31 03:12:02 EDT
A NULL pointer dereference flaw was discovered in strongSwan's IKE daemon, charon. An attacker could use this flaw to crash charon by sending a specially-crafted IKEv1 fragmentation payload.
strongSwan 5.1.1 corrects this flaw. A patch is provided for versions 5.0.2 and newer:
Created strongswan tracking bugs for this issue:
Affects: epel-6 [bug 1026154]
Looks like this issue is already fixed in the packages for Fedora testing so I did not file a tracking bug.
strongswan-5.1.1-4.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
strongswan-5.1.1-4.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
strongswan-5.1.1-4.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
Not Vulnerable. This issue does not affect the version of openswan as shipped with Red Hat Enterprise Linux 5 and 6.