-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Release date: Monday May 11, 2020
Contact: security@libreswan.org
PGP key: 907E790F25C1E8E561CD73B585FF4B43B30FC6F9
CVE-2020-1763: Malicious IKEv1 packet can cause libreswan to restart
This alert (and any possible updates) is available at the following URLs:
https://libreswan.org/security/CVE-CVE-2020-1763/
The Libreswan Project was notified by Stephan Zeisberg of Security
Research Labs of a bug in handling bogus encrypted IKEv1 INFORMATIONAL
Exchange packet requests for which there is no state. While building a
log message that the packet has been dropped, a NULL pointer dereference
causes libreswan to crash and restart when it attempts to log the state
name involved.
Vulnerable versions: libreswan 3.27 - 3.31
Not vulnerable: libreswan 3.32 and newer
Vulnerability information
=========================
In the libreswan code, all IKE packets cause a state change. An added
log message displays the state name in a specific error message for an
IKEv1 Informational Exchange message with a bogus payload for which no
valid peer can be found. This message is emitted when no matching state
is found and no state will be created; looking up the state name for
the log message then dereferences a NULL pointer.
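The following C sketch is an added illustration, not libreswan's own code: a state lookup that returns NULL for an unknown IKE SA, the unguarded name lookup that crashes on that NULL, and the guarded variant matching the 3.27-3.30 patch. The struct, state table, cookie values and payload name are constructed stand-ins.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for pluto's state object, keeping only the field the
 * log line reads; the real struct is far larger. */
struct state {
    unsigned long icookie;        /* constructed: identifies the IKE SA */
    const char *st_state_name;
};
/* Constructed state table; real pluto hashes on cookies and message id. */
static struct state state_table[] = {
    { 0x1111UL, "STATE_MAIN_R3" },
    { 0x2222UL, "STATE_QUICK_R2" },
};

/* Returns the matching state, or NULL when none exists, which is what an
 * encrypted INFORMATIONAL exchange for an unknown SA produces. */
static struct state *find_state(unsigned long icookie) {
    for (size_t i = 0; i < sizeof state_table / sizeof state_table[0]; i++)
        if (state_table[i].icookie == icookie)
            return &state_table[i];
    return NULL;
}

/* Vulnerable pattern (3.27-3.31): st is dereferenced unconditionally, so a
 * NULL st is undefined behaviour; in pluto that was the crash and restart. */
static const char *state_name_unsafe(const struct state *st) {
    return st->st_state_name;
}

/* Fixed pattern, mirroring the 3.27-3.30 patch: substitute a marker string
 * when there is no state instead of dereferencing NULL. */
static const char *state_name_for_log(const struct state *st) {
    return (st == NULL) ? "<no state>" : st->st_state_name;
}

/* Builds the log line quoted in the advisory into a static buffer. */
static const char *format_ignored(const char *payload, const char *state_name) {
    static char buf[160];
    snprintf(buf, sizeof buf,
        "message ignored because it contains a payload type (%s) unexpected by state %s",
        payload, state_name);
    return buf;
}

int main(void) {
    struct state *known = find_state(0x1111UL), *unknown = find_state(0x9999UL);
    puts(format_ignored("ISAKMP_NEXT_HASH", state_name_unsafe(known)));   /* known SA: fine */
    puts(format_ignored("ISAKMP_NEXT_HASH", state_name_for_log(unknown))); /* no SA: no crash */
    /* state_name_unsafe(unknown) would dereference NULL here. */
    return 0;
}
```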
Exploitation
============
This vulnerability cannot be abused for remote code execution or an
authentication bypass. But by continuing to send these packets, a
denial of service attack against the libreswan IKE service is possible.
Workaround
==========
There is no workaround. Please apply one of the patches supplied below.
History
=======
* 2020-03-13 Issue reported via bugs.libreswan.org (lswbz#351)
* 2020-03-19 Patch distributed under embargo to customers and vendors
* 2020-05-11 Public release of CVE by The Libreswan Project
Credits
=======
This vulnerability was found and reported by Stephan Zeisberg of Security
Research Labs. Stephan also kindly provided the fuzzing packet causing the
crash so we could easily reproduce this.
Upgrading
=========
To address this vulnerability, please upgrade to libreswan 3.32 or later.
For those who cannot upgrade, patches are provided for libreswan 3.27-3.30
and for 3.31 at the above URL, and are included for reference below.
About libreswan (https://libreswan.org/)
========================================
Libreswan is a free implementation of the Internet Key Exchange (IKE)
protocols IKEv1 and IKEv2. It is a descendant (continuation fork) of
openswan 2.6.38. IKE is used to establish IPsec VPN connections.
IPsec uses strong cryptography to provide both authentication and
encryption services. These services allow you to build secure tunnels
through untrusted networks. Everything passing through the untrusted
network is encrypted by the IPsec gateway machine, and decrypted by
the gateway at the other end of the tunnel. The resulting tunnel is a
virtual private network (VPN).
Patch for libreswan-3.31
========================
diff --git a/programs/pluto/ikev1.c b/programs/pluto/ikev1.c
index 38dfe060db..03ce080339 100644
- --- a/programs/pluto/ikev1.c
+++ b/programs/pluto/ikev1.c
@@ -2047,7 +2047,7 @@ void process_packet_tail(struct msg_digest **mdp)
"%smessage ignored because it contains a payload type (%s) unexpected by state %s",
excuse,
enum_show(&ikev1_payload_names, np),
- - st->st_state_name);
+ finite_states[smc->state]->name);
if (!md->encrypted) {
SEND_NOTIFICATION(INVALID_PAYLOAD_TYPE);
}
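Review bot: the replacement `finite_states[smc->state]->name` removes the `st` dereference but now indexes the state table through `smc`, and nothing in this hunk shows `smc` being checked for NULL or `smc->state` being bounded before the log call; worth confirming at the call site that the no-state path always arrives with a valid `smc`. Note also that this variant logs the expected state from the transition table, whereas the 3.27-3.30 patch logs the literal "<no state>", so anyone matching on this line should expect both forms across versions.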
Patch for libreswan-3.27 to 3.30
================================
diff --git a/programs/pluto/ikev1.c b/programs/pluto/ikev1.c
index 38dfe060db..b5ad3e4560 100644
- --- a/programs/pluto/ikev1.c
+++ b/programs/pluto/ikev1.c
@@ -2047,7 +2047,7 @@ void process_packet_tail(struct msg_digest **mdp)
"%smessage ignored because it contains a payload type (%s) unexpected by state %s",
excuse,
enum_show(&ikev1_payload_names, np),
- - st->st_state_name);
+ (st == NULL) ? "<no state>" : st->st_state_name);
if (!md->encrypted) {
SEND_NOTIFICATION(INVALID_PAYLOAD_TYPE);
}
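Review bot: the ternary `(st == NULL) ? "<no state>" : st->st_state_name` guards the only dereference visible in this hunk; if `st` is used again further down the same no-state path (not shown here), those uses need the same check. The literal "<no state>" also gives operators a stable string to alert on: repeated occurrences from one peer after upgrading point to the same bogus INFORMATIONAL traffic that crashed earlier versions.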