Release date: Monday May 11, 2020
Contact: security@libreswan.org
PGP key: 907E790F25C1E8E561CD73B585FF4B43B30FC6F9

CVE-2020-1763: Malicious IKEv1 packet can cause libreswan to restart

This alert (and any possible updates) is available at the following URLs:
https://libreswan.org/security/CVE-CVE-2020-1763/

The Libreswan Project was notified by Stephan Zeisberg of Security Research Labs of a bug in handling bogus encrypted IKEv1 INFORMATIONAL Exchange packet requests for which there is no state. While building a log message that the packet has been dropped, a NULL pointer dereference causes libreswan to crash and restart when it attempts to log the state name involved.

Vulnerable versions: libreswan 3.27 - 3.31
Not vulnerable: libreswan 3.32 and newer

Vulnerability information
=========================

In the libreswan code, all IKE packets cause a state change. An added log message displays the state name on a specific error message for an IKEv1 Informational Exchange message with a bogus payload for which we cannot find a valid peer. This message happens when no matching state is found, and when no state will be created. When looking up the state name for the log message, this causes a NULL pointer dereference.

Exploitation
============

This vulnerability cannot be abused for remote code execution or an authentication bypass. But by continuing to send these packets, a denial of service attack against the libreswan IKE service is possible.

Workaround
==========

There is no workaround. Please apply one of the patches supplied below.

History
=======

* 2020-03-13 Issue reported via bugs.libreswan.org (lswbz#351)
* 2020-03-19 Patch distributed under embargo to customers and vendors
* 2020-05-11 Public release of CVE by The Libreswan Project

Credits
=======

This vulnerability was found and reported by Stephan Zeisberg of Security Research Labs.
Stephan also kindly provided the fuzzing packet causing the crash so we could easily reproduce this.

Upgrading
=========

To address this vulnerability, please upgrade to libreswan 3.32 or later. For those who cannot upgrade, patches are provided for libreswan 3.27-3.30 and for 3.31 at the above URL, and are included for reference below.

About libreswan (https://libreswan.org/)
========================================

Libreswan is a free implementation of the Internet Key Exchange (IKE) protocols IKEv1 and IKEv2. It is a descendant (continuation fork) of openswan 2.6.38. IKE is used to establish IPsec VPN connections. IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted network is encrypted by the IPsec gateway machine, and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network (VPN).

Patch for libreswan-3.31
========================

diff --git a/programs/pluto/ikev1.c b/programs/pluto/ikev1.c
index 38dfe060db..03ce080339 100644
- --- a/programs/pluto/ikev1.c
+++ b/programs/pluto/ikev1.c
@@ -2047,7 +2047,7 @@ void process_packet_tail(struct msg_digest **mdp)
 				"%smessage ignored because it contains a payload type (%s) unexpected by state %s",
 				excuse,
 				enum_show(&ikev1_payload_names, np),
- -				st->st_state_name);
+				finite_states[smc->state]->name);
 			if (!md->encrypted) {
 				SEND_NOTIFICATION(INVALID_PAYLOAD_TYPE);
 			}

Patch for libreswan-3.27 to 3.30
================================

diff --git a/programs/pluto/ikev1.c b/programs/pluto/ikev1.c
index 38dfe060db..b5ad3e4560 100644
- --- a/programs/pluto/ikev1.c
+++ b/programs/pluto/ikev1.c
@@ -2047,7 +2047,7 @@ void process_packet_tail(struct msg_digest **mdp)
 				"%smessage ignored because it contains a payload type (%s) unexpected by state %s",
 				excuse,
 				enum_show(&ikev1_payload_names, np),
- -				st->st_state_name);
+				(st == NULL) ? "" : st->st_state_name);
 			if (!md->encrypted) {
 				SEND_NOTIFICATION(INVALID_PAYLOAD_TYPE);
 			}
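Review bot: in the libreswan-3.31 hunk, the `+` line `finite_states[smc->state]->name` stops dereferencing `st`, but it now relies on `smc` being non-NULL and `smc->state` being a valid index at this point in `process_packet_tail()`; neither precondition is visible in the hunk's context, so a short comment or assertion next to the log call would make the invariant explicit for the next reader. Also, the leading `- ` on the `- --- a/programs/pluto/ikev1.c` and `- - st->st_state_name);` lines is PGP cleartext dash-escaping of the signed advisory, not part of the diff; restore them to `---` and `-` before feeding the patch to `patch` or `git apply`.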
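Review bot: in the libreswan-3.27 to 3.30 hunk, `(st == NULL) ? "" : st->st_state_name` on the `+` line closes the crash but leaves the log line ending in `unexpected by state ` with nothing after it in exactly the no-matching-state case the advisory describes; a fixed placeholder such as `"(no state)"` would make the dropped-packet message self-explanatory for operators reading or grepping logs. The same dash-escaping caveat applies here: the `- ---` and `- -` prefixes must become `---` and `-` before the patch applies.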
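As an added illustration of the NULL dereference described under Vulnerability information, the snippet below is a stand-in model written for this advisory, not libreswan's own code: `struct state`, the `finite_states` table, the state names and the `format_ignored_*` helpers are hypothetical. It places the vulnerable log-formatting path beside the two fixed forms used by the patches, and adds a bounds check on the table index that the 3.31 patch itself does not show.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for pluto's state object and per-state descriptor. */
struct state { const char *st_state_name; };
struct finite_state { const char *name; };

/* Constructed sample table indexed by a state number (what smc->state supplies). */
static const struct finite_state finite_states[] = {
	{ "STATE_MAIN_R0" },
	{ "STATE_INFO" },
};
#define NFINITE (sizeof finite_states / sizeof finite_states[0])
#define IGNORED_FMT "%smessage ignored because it contains a payload type (%s) unexpected by state %s"

/* Before the fix: st is dereferenced unconditionally. For an IKEv1 INFORMATIONAL
 * exchange with no matching state, st is NULL here and pluto crashes and restarts. */
static const char *format_ignored_vulnerable(char *buf, size_t len,
		const struct state *st, const char *excuse, const char *payload)
{
	snprintf(buf, len, IGNORED_FMT, excuse, payload, st->st_state_name);
	return buf;
}

/* 3.27-3.30 fix: guard the pointer and log an empty name when there is no state. */
static const char *format_ignored_guarded(char *buf, size_t len,
		const struct state *st, const char *excuse, const char *payload)
{
	snprintf(buf, len, IGNORED_FMT, excuse, payload,
		 (st == NULL) ? "" : st->st_state_name);
	return buf;
}

/* 3.31 fix: take the name from the state-machine descriptor instead of st, so it
 * works whether or not a state object exists; the range check is this model's addition. */
static const char *format_ignored_from_table(char *buf, size_t len,
		unsigned state_index, const char *excuse, const char *payload)
{
	const char *name = state_index < NFINITE ? finite_states[state_index].name
						  : "(unknown)";
	snprintf(buf, len, IGNORED_FMT, excuse, payload, name);
	return buf;
}

int main(void)
{
	char buf[256];
	struct state st = { "STATE_MAIN_R1" };	/* constructed sample state */
	puts(format_ignored_vulnerable(buf, sizeof buf, &st, "", "ISAKMP_NEXT_HASH"));
	puts(format_ignored_guarded(buf, sizeof buf, NULL, "", "ISAKMP_NEXT_HASH"));
	puts(format_ignored_from_table(buf, sizeof buf, 1, "", "ISAKMP_NEXT_HASH"));
	return 0;
}
```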