[Pkg-swan-devel] [Git][debian/strongswan][jessie-security] 4 commits: d/p/CVE-2018-10811.patch added, fix missing initialization of a variable in IKEv2 key derivation

Yves-Alexis Perez gitlab at salsa.debian.org
Mon Sep 24 16:04:15 BST 2018 

Yves-Alexis Perez pushed to branch jessie-security at Debian / strongswan


Commits:
32da56aa by Yves-Alexis Perez at 2018-06-14T08:12:23Z
d/p/CVE-2018-10811.patch added, fix missing initialization of a variable in IKEv2 key derivation

- - - - -
f71dc66b by Yves-Alexis Perez at 2018-06-14T08:12:41Z
d/p/CVE-2018-5388 added, fix insufficient validation in the stroke plugin

- - - - -
73d0f826 by Yves-Alexis Perez at 2018-06-14T08:13:31Z
finalize changelog

- - - - -
cbc4515c by Yves-Alexis Perez at 2018-06-14T08:14:25Z
upload strongSwan 5.2.1-6+deb8u6 to jessie-security

- - - - -


4 changed files:

- debian/changelog
- + debian/patches/CVE-2018-10811.patch
- + debian/patches/CVE-2018-5388.patch
- debian/patches/series


Changes:

=====================================
debian/changelog
=====================================
@@ -1,3 +1,12 @@
+strongswan (5.2.1-6+deb8u6) jessie-security; urgency=medium
+
+  * d/p/CVE-2018-10811.patch added, fix missing initialization of a variable
+    in IKEv2 key derivation (CVE-2018-10811)
+  * d/p/CVE-2018-5388 added, fix insufficient validation in the stroke plugin
+    (CVE-2018-5388)
+
+ -- Yves-Alexis Perez <corsac at debian.org>  Thu, 14 Jun 2018 10:13:44 +0200
+
 strongswan (5.2.1-6+deb8u5) jessie-security; urgency=medium
 
   * debian/patches:


=====================================
debian/patches/CVE-2018-10811.patch
=====================================
@@ -0,0 +1,40 @@
+From b450318c15496f89e7c93392c9b5d2c6045c7de9 Mon Sep 17 00:00:00 2001
+From: Tobias Brunner <tobias at strongswan.org>
+Date: Mon, 19 Mar 2018 17:03:05 +0100
+Subject: [PATCH] ikev2: Initialize variable in case set_key() or
+ allocate_bytes() fails
+
+In case the PRF's set_key() or allocate_bytes() method failed, skeyseed
+was not initialized and the chunk_clear() call later caused a crash.
+
+This could have happened with OpenSSL in FIPS mode when MD5 was
+negotiated (and test vectors were not checked, in which case the PRF
+couldn't be instantiated as the test vectors would have failed).
+MD5 is not included in the default proposal anymore since 5.6.1, so
+with recent versions this could only happen with configs that are not
+valid in FIPS mode anyway.
+
+Fixes: CVE-2018-10811
+---
+ src/libcharon/sa/ikev2/keymat_v2.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/libcharon/sa/ikev2/keymat_v2.c b/src/libcharon/sa/ikev2/keymat_v2.c
+index 0c41c68d0118..8b20d1ce986f 100644
+--- a/src/libcharon/sa/ikev2/keymat_v2.c
++++ b/src/libcharon/sa/ikev2/keymat_v2.c
+@@ -303,8 +303,8 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
+ 	chunk_t nonce_i, chunk_t nonce_r, ike_sa_id_t *id,
+ 	pseudo_random_function_t rekey_function, chunk_t rekey_skd)
+ {
+-	chunk_t skeyseed, key, secret, full_nonce, fixed_nonce, prf_plus_seed;
+-	chunk_t spi_i, spi_r;
++	chunk_t skeyseed = chunk_empty, key, secret, full_nonce, fixed_nonce;
++	chunk_t prf_plus_seed, spi_i, spi_r;
+ 	prf_plus_t *prf_plus = NULL;
+ 	u_int16_t alg, key_size, int_alg;
+ 	prf_t *rekey_prf = NULL;
+-- 
+2.7.4
+
+


=====================================
debian/patches/CVE-2018-5388.patch
=====================================
@@ -0,0 +1,28 @@
+From 0acd1ab4d08d53d80393b1a37b8781f6e7b2b996 Mon Sep 17 00:00:00 2001
+From: Tobias Brunner <tobias at strongswan.org>
+Date: Tue, 13 Mar 2018 18:54:08 +0100
+Subject: [PATCH] stroke: Ensure a minimum message length
+
+---
+ src/libcharon/plugins/stroke/stroke_socket.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c
+index c568440b7..1e7f210e9 100644
+--- a/src/libcharon/plugins/stroke/stroke_socket.c
++++ b/src/libcharon/plugins/stroke/stroke_socket.c
+@@ -627,6 +627,11 @@ static bool on_accept(private_stroke_socket_t *this, stream_t *stream)
+ 		}
+ 		return FALSE;
+ 	}
++	if (len < offsetof(stroke_msg_t, buffer))
++	{
++		DBG1(DBG_CFG, "invalid stroke message length %d", len);
++		return FALSE;
++	}
+ 
+ 	/* read message (we need an additional byte to terminate the buffer) */
+ 	msg = malloc(len + 1);
+-- 
+2.17.1
+


=====================================
debian/patches/series
=====================================
@@ -9,3 +9,5 @@ CVE-2017-9022_insufficient_input_validation_gmp_plugin.patch
 CVE-2017-9023_incorrect_handling_of_choice_types_in_asn1_parser.patch
 0001-openssl-Don-t-pre-initialize-OpenSSL-HMAC-with-an-em.patch
 CVE-2017-11185.patch
+CVE-2018-10811.patch
+CVE-2018-5388.patch



View it on GitLab: https://salsa.debian.org/debian/strongswan/compare/53e66b0d92d19ccb2e490b6c0218566086c005ce...cbc4515c22a017a7fe3a3c2ddcf22df20f2e0b58

-- 
View it on GitLab: https://salsa.debian.org/debian/strongswan/compare/53e66b0d92d19ccb2e490b6c0218566086c005ce...cbc4515c22a017a7fe3a3c2ddcf22df20f2e0b58
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-swan-devel/attachments/20180924/98dac4d3/attachment-0001.html>

More information about the Pkg-swan-devel mailing list