Candidate: CVE-2019-12312
PublicDate: 2019-05-24 14:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12312
 https://github.com/libreswan/libreswan/issues/246
 https://github.com/libreswan/libreswan/commit/7142d2c37d58cf024595a7549f0fb0d3946682f8
 http://www.iwantacve.cn/index.php/archives/218/
 https://github.com/libreswan/libreswan/compare/9b1394e...3897683
Description:
 In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon
 restart. An attacker can trigger a NULL pointer dereference by initiating
 an IKEv2 IKE_SA_INIT exchange, followed by a bogus INFORMATIONAL exchange
 instead of the normallly expected IKE_AUTH exchange. This affects
 send_v2N_spi_response_from_state() in programs/pluto/ikev2_send.c that will
 then trigger a NULL pointer dereference leading to a restart of libreswan.
Ubuntu-Description:
Notes:
 ebarretto> libreswan only verion 3.27 affected
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]


Patches_libreswan:
upstream_libreswan: needs-triage
precise/esm_libreswan: DNE
trusty_libreswan: ignored (out of standard support)
trusty/esm_libreswan: DNE
xenial_libreswan: DNE
bionic_libreswan: not-affected (code not present)
cosmic_libreswan: not-affected (code not present)
disco_libreswan: ignored (reached end-of-life)
eoan_libreswan: not-affected (3.27-5)
devel_libreswan: not-affected (3.27-5)