CVE-2015-3240 (retired)

Priority
Description
The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45,
when built with NSS, allows remote attackers to cause a denial of service
(assertion failure and daemon restart) via a zero DH g^x value in a KE
payload in an IKE packet.
Notes
 sbeattie> affects openswan if compiled with NSS
Package
Upstream: released (3.15)
Ubuntu 12.04 ESM (Precise Pangolin): DNE
Ubuntu 14.04 ESM (Trusty Tahr): DNE
Ubuntu 16.04 LTS (Xenial Xerus): DNE
Ubuntu 18.04 LTS (Bionic Beaver): not-affected (3.19-1)
Ubuntu 19.04 (Disco Dingo): not-affected (3.19-1)
Ubuntu 19.10 (Eoan): not-affected (3.19-1)
Patches:
Upstream: https://libreswan.org/security/CVE-2015-3240/libreswan-3.14-cve-2015-3240-dhshared.patch.asc
Package
Upstream: released (2.6.45)
Ubuntu 12.04 ESM (Precise Pangolin): DNE (precise was needs-triage)
Ubuntu 14.04 ESM (Trusty Tahr): DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus): DNE
Ubuntu 18.04 LTS (Bionic Beaver): DNE
Ubuntu 19.04 (Disco Dingo): DNE
Ubuntu 19.10 (Eoan): DNE
More Information

Updated: 2019-09-19 15:53:32 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)