Amazon Linux 2 Security Advisory: ALAS-2023-2299
Advisory Release Date: 2023-10-12 15:09 Pacific
Advisory Updated Date: 2023-10-19 23:41 Pacific
A NULL pointer dereference vulnerability was found in the Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state occurs. This flaw allows a malicious client or attacker to send a malformed IKEv1 Delete/Notify packet, causing a crash and restarting the libreswan pluto daemon. When sent continuously, this could lead to a denial of service attack. (CVE-2023-38712)
Affected Packages:
libreswan
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update libreswan to update your system.
aarch64:
libreswan-3.25-4.8.amzn2.0.2.aarch64
libreswan-debuginfo-3.25-4.8.amzn2.0.2.aarch64
i686:
libreswan-3.25-4.8.amzn2.0.2.i686
libreswan-debuginfo-3.25-4.8.amzn2.0.2.i686
src:
libreswan-3.25-4.8.amzn2.0.2.src
x86_64:
libreswan-3.25-4.8.amzn2.0.2.x86_64
libreswan-debuginfo-3.25-4.8.amzn2.0.2.x86_64