diff options
Diffstat (limited to 'meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch')
-rw-r--r-- | meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch b/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch new file mode 100644 index 000000000..5286376ac --- /dev/null +++ b/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch | |||
@@ -0,0 +1,36 @@ | |||
1 | [PATCH] fix CVE-2015-4047 | ||
2 | |||
3 | Upstream-Status: Backport | ||
4 | |||
5 | http://www.openwall.com/lists/oss-security/2015/05/20/1 | ||
6 | |||
7 | racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause | ||
8 | a denial of service (NULL pointer dereference and IKE daemon crash) via | ||
9 | a series of crafted UDP requests. | ||
10 | |||
11 | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047 | ||
12 | |||
13 | Signed-off-by: Roy Li <rongqing.li@windriver.com> | ||
14 | --- | ||
15 | src/racoon/gssapi.c | 5 +++++ | ||
16 | 1 file changed, 5 insertions(+) | ||
17 | |||
18 | diff --git a/src/racoon/gssapi.c b/src/racoon/gssapi.c | ||
19 | index e64b201..1ad3b42 100644 | ||
20 | --- a/src/racoon/gssapi.c | ||
21 | +++ b/src/racoon/gssapi.c | ||
22 | @@ -192,6 +192,11 @@ gssapi_init(struct ph1handle *iph1) | ||
23 | gss_name_t princ, canon_princ; | ||
24 | OM_uint32 maj_stat, min_stat; | ||
25 | |||
26 | + if (iph1->rmconf == NULL) { | ||
27 | + plog(LLV_ERROR, LOCATION, NULL, "no remote config\n"); | ||
28 | + return -1; | ||
29 | + } | ||
30 | + | ||
31 | gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state)); | ||
32 | if (gps == NULL) { | ||
33 | plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n"); | ||
34 | -- | ||
35 | 1.9.1 | ||
36 | |||