671304f007
This fixes CVE-2015-4047: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047 Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
[PATCH] fix CVE-2015-4047
Upstream-Status: Backport
http://www.openwall.com/lists/oss-security/2015/05/20/1
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause
a denial of service (NULL pointer dereference and IKE daemon crash) via
a series of crafted UDP requests.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047
Signed-off-by: Roy Li <rongqing.li@windriver.com>
---
src/racoon/gssapi.c | 5 +++++
1 file changed, 5 insertions(+)
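diff --git a/src/racoon/gssapi.c b/src/racoon/gssapi.c
index e64b201..1ad3b42 100644
--- a/src/racoon/gssapi.c
+++ b/src/racoon/gssapi.c
@@ -192,6 +192,11 @@ gssapi_init(struct ph1handle *iph1)
 gss_name_t princ, canon_princ;
 OM_uint32 maj_stat, min_stat;
 
+ if (iph1->rmconf == NULL) {
+ plog(LLV_ERROR, LOCATION, NULL, "no remote config\n");
+ return -1;
+ }
+
 gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state));
 if (gps == NULL) {
 plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n");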
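Review bot: The new `iph1->rmconf == NULL` guard in gssapi_init() logs with a NULL address argument, so the `no remote config` line gives an operator no way to tell which peer triggered it. The patch description says this path is reachable from crafted UDP requests, so passing the peer address would make repeated attempts attributable in the logs: `plog(LLV_ERROR, LOCATION, iph1->remote, "no remote config\n");`, provided `iph1->remote` is already populated at this point (not visible in the hunk). A short comment above the check would also help, for example `/* rmconf may still be NULL here; bail out instead of dereferencing it (CVE-2015-4047) */`. gssapi_init() continues outside the hunk, and other readers of `iph1->rmconf` in gssapi.c are not shown, so confirm that they are covered by this guard or have their own.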
--
1.9.1