-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512


Release date: Tuesday, February 28, 2023
Contact: security@libreswan.org
PGP key: 907E790F25C1E8E561CD73B585FF4B43B30FC6F9

=========================================================================
CVE-2023-23009: Malicious IKEv2 TS payload can cause libreswan to restart
=========================================================================

This alert (and any updates) is available at the following URL:
https://libreswan.org/security/CVE-2023-23009/

The Libreswan Project was notified by github user "zhaodl" of an
issue where receiving a malformed IKEv2 packet causes a crash and
restart of the libreswan pluto daemon. When such packets are sent
continuously, this leads to a denial of service.

Vulnerable versions: libreswan 4.2 - 4.9
Not vulnerable     : libreswan 3.x, 4.0, 4.1 and 4.10+

Vulnerability information
=========================
A change in the libreswan 4.2 Traffic Selector parsing code dropped a
check that would reject malformed Traffic Selector payloads. As a result,
on such a payload the code continues parsing and hits a double free,
leading to a crash and restart of the pluto daemon. No remote code
execution is possible.
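To illustrate the class of defect described above, here is an added example
(not libreswan's code and not taken from the patch): a minimal parser for the
body of an IKEv2 Traffic Selector payload, following the substructure layout of
RFC 7296 section 3.13.1. The point it demonstrates is the defensive pattern the
fix restores: every selector header is validated before its fields are used, and
one malformed selector rejects the whole payload rather than letting parsing
continue on a partially read structure. The sample payloads, the struct names and
the function names are constructed for this example.

```c
/*
 * Added example, not libreswan code: parse an IKEv2 Traffic Selector (TS)
 * payload body and reject anything malformed instead of continuing.
 * Layout per RFC 7296 3.13.1: each selector is
 *   TS type (1) | IP proto (1) | selector length (2) |
 *   start port (2) | end port (2) | start addr | end addr
 * with 4-byte addresses for type 7 (IPv4) and 16-byte for type 8 (IPv6).
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TS_IPV4_ADDR_RANGE 7
#define TS_IPV6_ADDR_RANGE 8
#define TS_HEADER_LEN 8   /* type, proto, length(2), start port(2), end port(2) */

struct ts_selector {
    uint8_t type;
    uint8_t proto;
    uint16_t len;
    uint16_t start_port;
    uint16_t end_port;
    const uint8_t *start_addr;   /* points into the caller's buffer */
    const uint8_t *end_addr;
    size_t addr_len;             /* 4 or 16 */
};

static uint16_t read_be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Parse one selector at buf[0..avail). Returns false on any malformation;
 * on success *consumed is the number of bytes the selector occupied. */
static bool parse_ts_selector(const uint8_t *buf, size_t avail,
                              struct ts_selector *out, size_t *consumed)
{
    if (avail < TS_HEADER_LEN)
        return false;                      /* header itself is truncated */
    out->type = buf[0];
    out->proto = buf[1];
    out->len = read_be16(buf + 2);
    out->start_port = read_be16(buf + 4);
    out->end_port = read_be16(buf + 6);

    switch (out->type) {
    case TS_IPV4_ADDR_RANGE: out->addr_len = 4;  break;
    case TS_IPV6_ADDR_RANGE: out->addr_len = 16; break;
    default: return false;                 /* unknown TS type: do not guess */
    }
    size_t expected = TS_HEADER_LEN + 2 * out->addr_len;
    if (out->len != expected || out->len > avail)
        return false;                      /* length field lies, or body truncated */
    if (out->start_port > out->end_port)
        return false;                      /* inverted port range */
    out->start_addr = buf + TS_HEADER_LEN;
    out->end_addr = out->start_addr + out->addr_len;
    if (memcmp(out->start_addr, out->end_addr, out->addr_len) > 0)
        return false;                      /* inverted address range */
    *consumed = out->len;
    return true;
}

/* Parse the TS payload body that follows the generic payload header:
 * number of TSs (1), reserved (3), then the selectors. Returns the number
 * of selectors parsed, or -1 if the payload is malformed in any way. */
int parse_ts_payload(const uint8_t *buf, size_t len,
                     struct ts_selector *out, size_t max_out)
{
    if (len < 4) return -1;
    uint8_t count = buf[0];
    if (count == 0 || count > max_out) return -1;
    size_t off = 4;
    for (uint8_t i = 0; i < count; i++) {
        size_t used;
        if (!parse_ts_selector(buf + off, len - off, &out[i], &used))
            return -1;                     /* one bad selector rejects the payload */
        off += used;
    }
    if (off != len) return -1;             /* trailing bytes: also malformed */
    return count;
}

/* Constructed sample: one IPv4 selector, any protocol, all ports, 10.0.0.0-10.0.0.255. */
static const uint8_t good_ts[] = {
    1, 0, 0, 0,                            /* 1 selector, reserved */
    7, 0, 0, 16, 0, 0, 0xff, 0xff,         /* IPv4 range, proto 0, len 16, ports 0-65535 */
    10, 0, 0, 0,  10, 0, 0, 255,
};
/* Constructed sample: length field claims 16 bytes but the end address is missing. */
static const uint8_t truncated_ts[] = {
    1, 0, 0, 0,
    7, 0, 0, 16, 0, 0, 0xff, 0xff,
    10, 0, 0, 0,
};
/* Constructed sample: unknown TS type 1 with an otherwise plausible body. */
static const uint8_t bad_type_ts[] = {
    1, 0, 0, 0,
    1, 0, 0, 16, 0, 0, 0xff, 0xff,
    10, 0, 0, 0,  10, 0, 0, 255,
};

/* Convenience wrapper: number of selectors, or -1 when the payload is rejected. */
int count_selectors(const uint8_t *buf, size_t len)
{
    struct ts_selector sel[8];
    return parse_ts_payload(buf, len, sel, 8);
}

int main(void)
{
    printf("good:      %d\n", count_selectors(good_ts, sizeof good_ts));
    printf("truncated: %d\n", count_selectors(truncated_ts, sizeof truncated_ts));
    printf("bad type:  %d\n", count_selectors(bad_type_ts, sizeof bad_type_ts));
    return 0;
}
```

The design choice worth noting is that the parser reports failure as soon as the
selector header cannot be read in full; none of the later switch-on-type logic
runs on a header that was only partially filled, which is exactly the ordering
the libreswan patch re-establishes.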

Exploitation
============
This vulnerability requires the remote peer to first have successfully
authenticated with libreswan, as the vulnerable code is executed after
peer authentication. Unless Opportunistic Encryption or NULL authentication
connections are configured, only peers explicitly authorized to connect
can cause this crash.

Workaround
==========
If malicious users are triggering this bug, these users can be prevented
from further access. If X.509 certificates are used, these certificates
can be revoked. Otherwise, the ikev2-authorize= option can be configured to
deny these users further access.

History
=======
* 2022-12-20 Initial report via https://github.com/libreswan/libreswan/issues/954
* 2023-02-28 Release of patch and libreswan 4.10

Credits
=======
This vulnerability was found and reported by github user zhaodl.

Upgrading
=========
To address this vulnerability, please upgrade to libreswan 4.10 or later.
For those who cannot upgrade, patches are provided at the above URL,
and are included for reference below.

About libreswan (https://libreswan.org/)
========================================
Libreswan is a free implementation of the Internet Key Exchange (IKE)
protocols IKEv1 and IKEv2. It is a descendant (continuation fork) of
openswan 2.6.38. IKE is used to establish IPsec VPN connections.

IPsec uses strong cryptography to provide both authentication and
encryption services. These services allow you to build secure tunnels
through untrusted networks. Everything passing through the untrusted
network is encrypted by the IPsec gateway machine, and decrypted by
the gateway at the other end of the tunnel. The resulting tunnel is a
virtual private network (VPN).

Patches
=======
Please note that email clients might mangle the patch text included.
Please use the above advisory URL to download a proper patch file.

===============================
Patch for libreswan 4.2 to 4.9
===============================
diff --git a/programs/pluto/ikev2_ts.c b/programs/pluto/ikev2_ts.c
index 3f7519ca38..f06c40ba46 100644
- --- a/programs/pluto/ikev2_ts.c
+++ b/programs/pluto/ikev2_ts.c
@@ -437,6 +437,11 @@ static bool v2_parse_tss(struct payload_digest *const ts_pd,
 		d = pbs_in_struct(&ts_pd->pbs, &ikev2_ts_header_desc,
 			  &ts_h, sizeof(ts_h), &ts_body_pbs);
 
+		if (d != NULL) {
+			llog_diag(RC_LOG, logger, &d, "%s", "");
+			return false;
+		}
+
 		switch (ts_h.isath_type) {
 		case IKEv2_TS_IPV4_ADDR_RANGE:
 		case IKEv2_TS_IPV6_ADDR_RANGE:
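Review bot: the new `if (d != NULL)` early return after `pbs_in_struct` carries no comment saying why it exists, so the reason for the check (a malformed TS header must be rejected before `ts_h` is read in the `switch` below) is easy to lose in a later refactor; suggest a one-line comment such as `/* reject malformed TS header before using ts_h (issue #954) */` above the block. Also, `llog_diag(RC_LOG, logger, &d, "%s", "")` logs the diagnostic with an empty prefix, so the resulting log line will not say which payload was rejected; a prefix naming the Traffic Selector payload would make these rejections easier to spot and to alert on.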
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
