mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity

ipsec-tools: Security Advisory - CVE-2015-4047

Browse Source 
This fixed the CVE-2015-4047:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

Conflicts:
	meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb
This commit is contained in:
Roy Li
2015-06-05 13:23:28 +08:00
committed by Armin Kuster
parent 0fb90bef8c
commit e3dbf786b1
2 changed files with 37 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch
+36
View File
@@ -0,0 +1,36 @@
[PATCH] fix CVE-2015-4047
Upstream-Status: Backport
http://www.openwall.com/lists/oss-security/2015/05/20/1
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause
a denial of service (NULL pointer dereference and IKE daemon crash) via
a series of crafted UDP requests.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047
Signed-off-by: Roy Li <rongqing.li@windriver.com>
---
src/racoon/gssapi.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/racoon/gssapi.c b/src/racoon/gssapi.c
index e64b201..1ad3b42 100644
--- a/src/racoon/gssapi.c
+++ b/src/racoon/gssapi.c
@@ -192,6 +192,11 @@ gssapi_init(struct ph1handle *iph1)
gss_name_t princ, canon_princ;
OM_uint32 maj_stat, min_stat;
+ if (iph1->rmconf == NULL) {
+ plog(LLV_ERROR, LOCATION, NULL, "no remote config\n");
+ return -1;
+ }
+
gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state));
if (gps == NULL) {
plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n");
--
1.9.1
meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb
+1
View File
@@ -15,6 +15,7 @@ SRC_URI = "ftp://ftp.netbsd.org/pub/NetBSD/misc/ipsec-tools/0.8/ipsec-tools-${PV
file://racoon-check-invalid-ivm.patch \
file://glibc-2.20.patch \
file://racoon-Resend-UPDATE-message-when-received-EINTR-message.patch \
file://fix-CVE-2015-4047.patch \
"
SRC_URI[md5sum] = "d53ec14a0a3ece64e09e5e34b3350b41"
SRC_URI[sha256sum] = "8eb6b38716e2f3a8a72f1f549c9444c2bc28d52c9536792690564c74fe722f2d"