NetBSD Multiple Bugs in IPsec Lets Remote Users Cause the Target System to Crash
|
SecurityTracker Alert ID: 1040839 |
SecurityTracker URL: http://securitytracker.com/id/1040839
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: May 8 2018
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 6.0, 6.1, 7.0, 7.1
|
Description:
Several vulnerabilities were reported in NetBSD. A remote user can cause the target system to crash.
A remote user can send specially crafted IPsec Authentication Header (AH) data to trigger an input validation flaw or use-after-free memory error and cause the system to crash.
A remote user can send specially crafted data to trigger a logic error and cause the system to crash when both IPsec and forwarding is enabled.
A remote user can send specially crafted data to trigger a system panic when encapsulating security payload (ESP) is enabled.
A remote user can trigger a system panic when both IPsec and IPv6 forwarding are enabled.
A remote authenticated user can trigger a use-after-free memory error in the common Tunnel code.
A remote authenticated user can exploit a pointer initialization flaw to cause an IPv6 packet to bypass the "local address spoofing" check.
A remote authenticated user can exploit a length validation flaw to cause the system to crash.
A remote authenticated user can trigger a memory leak and use-after-free memory error and cause the system to crash when both IPv6 and forwarding are enabled.
Maxime Villard reported this vulnerability.
|
Impact:
A remote user can cause the target system to crash.
|
Solution:
The vendor has issued a fix.
The vendor advisory is available at:
https://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2018-007.txt.asc
|
Vendor URL: ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2018-007.txt.asc (Links to External Site)
|
Cause:
Access control error, Exception handling error, Input validation error, State error
|
|
Message History:
None.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|