PT-2024-3056 · Libreswan+6 · Libreswan+6

Andrew Vaughn

Published

2024-03-11

Updated

2024-11-20

CVE-2024-2357

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions libreswan versions prior to 4.14

Description The issue causes libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. This can lead to repeated crashes and a Denial of Service, especially when such a connection is automatically added on startup using the auto= keyword. The vulnerability is related to the use of PreSharedKeys for creating the AUTH payload in IKE AUTH Exchange, allowing a remote attacker to perform a Denial of Service attack.

Recommendations For versions prior to 4.14, upgrade to version 4.14 to resolve the issue. As a temporary workaround, consider disabling the use of PreSharedKeys (authby=secret) for connections that cannot find a matching configured secret, or avoid automatically adding such connections on startup using the auto= keyword. Restrict access to the authby=secret configuration to minimize the risk of exploitation.

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

ALSA-2024:1998

ALSA-2024:2033

ALSA-2024:2565

AZL-35885

BDU:2024-03242

CESA-2024_1998

CVE-2024-2357

INFSA-2024_2565

MGASA-2024-0113

OESA-2024-1341

OESA-2024-1409

RHSA-2024:10594

RHSA-2024:1998

RHSA-2024:2033

RHSA-2024:2081

RHSA-2024:2082

RHSA-2024:2085

RHSA-2024:2565

RHSA-2024_1998

RHSA-2024_2033

RHSA-2024_2565

RLSA-2024:1998

RLSA-2024:2565

Affected Products

Almalinux

Centos

Debian

Red Hat

Red Os

Rocky Linux

Libreswan

PT-2024-3056 · Libreswan+6 · Libreswan+6

CVE-2024-2357

Weakness Enumeration

Related Identifiers

Affected Products

References · 52