CVE-2015-3240

Priority
Description
The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45,
when built with NSS, allows remote attackers to cause a denial of service
(assertion failure and daemon restart) via a zero DH g^x value in a KE
payload in an IKE packet.
Notes
 sbeattie> affects openswan if compiled with NSS
Package: libreswan
Upstream: released (3.15)
Ubuntu 12.04 ESM (Precise Pangolin): DNE
Ubuntu 14.04 LTS (Trusty Tahr): DNE
Ubuntu 16.04 LTS (Xenial Xerus): DNE
Ubuntu 18.04 LTS (Bionic Beaver): not-affected (3.19-1)
Ubuntu 18.10 (Cosmic Cuttlefish): not-affected (3.19-1)
Ubuntu 19.04 (Disco Dingo): not-affected (3.19-1)
Patches:
Upstream: https://libreswan.org/security/CVE-2015-3240/libreswan-3.14-cve-2015-3240-dhshared.patch.asc
Package: openswan
Upstream: released (2.6.45)
Ubuntu 12.04 ESM (Precise Pangolin): DNE (precise was needs-triage)
Ubuntu 14.04 LTS (Trusty Tahr): needed
Ubuntu 16.04 LTS (Xenial Xerus): DNE
Ubuntu 18.04 LTS (Bionic Beaver): DNE
Ubuntu 18.10 (Cosmic Cuttlefish): DNE
Ubuntu 19.04 (Disco Dingo): DNE
Updated: 2019-01-14 21:17:04 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)