Bug 910491 - VUL-1: CVE-2014-9221: strongswan: DoS via payload with DH group 1025
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P5 - None
Severity: Normal
Assigned To: Security Team bot
Reported: 2014-12-17 13:04 UTC by Marius Tomaschewski
Modified: 2016-04-27 21:04 UTC (History)

Attachments
upstream patch: strongswan-4.5.0-4.5.3_modp_custom.patch (1.99 KB, patch), 2014-12-17 13:07 UTC, Marius Tomaschewski
upstream patch: strongswan-4.5.4-5.1.0_modp_custom.patch (2.00 KB, patch), 2014-12-17 13:08 UTC, Marius Tomaschewski
upstream patch: strongswan-5.1.1_modp_custom.patch (1.98 KB, patch), 2014-12-17 13:09 UTC, Marius Tomaschewski
upstream patch: strongswan-5.1.2-5.2.1_modp_custom.patch (2.44 KB, patch), 2014-12-17 13:09 UTC, Marius Tomaschewski
strongswan-4.5.0-4.5.3_dh_group.patch (1.83 KB, patch), 2014-12-19 09:55 UTC, Marius Tomaschewski
strongswan-4.5.0-4.5.3_modp_custom.patch (4.14 KB, patch), 2014-12-19 09:56 UTC, Marius Tomaschewski
strongswan-4.6.0-5.0.2_dh_group.patch (2.25 KB, patch), 2014-12-19 09:56 UTC, Marius Tomaschewski
strongswan-4.6.0-5.0.2_modp_custom.patch (4.63 KB, patch), 2014-12-19 09:56 UTC, Marius Tomaschewski
strongswan-5.0.3-5.1.0_modp_custom.patch (5.13 KB, patch), 2014-12-19 09:57 UTC, Marius Tomaschewski
strongswan-5.0.3-5.1.1_dh_group.patch (2.68 KB, patch), 2014-12-19 09:57 UTC, Marius Tomaschewski
strongswan-5.1.1_modp_custom.patch (5.12 KB, patch), 2014-12-19 09:57 UTC, Marius Tomaschewski
strongswan-5.1.2-5.2.1_dh_group.patch (3.07 KB, patch), 2014-12-19 09:57 UTC, Marius Tomaschewski
strongswan-5.1.2-5.2.1_modp_custom.patch (6.05 KB, patch), 2014-12-19 09:58 UTC, Marius Tomaschewski

Description Marius Tomaschewski 2014-12-17 13:04:40 UTC
Subject: Re: strongSwan security advisory: CVE-2014-9221
Date: Thu, 11 Dec 2014 13:42:20 +0100
From: Tobias Brunner <tobias@strongswan.org>

> Please prepare updated releases and patch your installations, but do not
> yet publicly disclose any information about this vulnerability.
> We want to give you as a partner enough time to prepare new releases and
> will publicly disclose the vulnerability with the strongSwan 5.2.2
> release on Dec 22nd, 12:00 noon UTC.

Due to feedback we received we will not do the release in Christmas
week.  Instead we'll disclose the vulnerability and release 5.2.2 on
Friday Dec 19th, 12:00 noon UTC.

Thanks and regards,
Tobias

===========================================================================
Subject: strongSwan security advisory: CVE-2014-9221
Date: Wed, 10 Dec 2014 18:30:16 +0100
From: Tobias Brunner <tobias@strongswan.org>

Dear strongSwan partner,

One of our users privately reported a denial-of-service vulnerability in
strongSwan.  Affected are strongSwan versions 4.5.0 and newer, including
the latest 5.2.1.

CVE-2014-9221 has been assigned for this vulnerability.

The bug can be triggered by an IKEv2 Key Exchange (KE) payload that
contains the Diffie-Hellman (DH) group 1025.  This identifier is from
the private-use range and only used internally by libtls for DH groups
with custom generator and prime (MODP_CUSTOM).  As such the instantiated
method expects that these two values are passed to the constructor.
This is not the case when a DH object is created based on the group in
the KE payload.  Therefore, an invalid pointer is dereferenced later,
which causes a segmentation fault.  This means that the daemon can be
crashed with a single IKE_SA_INIT message containing such a KE payload.

Remote code execution is not possible due to this issue, nor is IKEv1
affected in charon or pluto.

The attached patches fix the vulnerability in the different strongSwan
versions and should apply with appropriate hunk offsets.

Please prepare updated releases and patch your installations, but do not
yet publicly disclose any information about this vulnerability.
We want to give you as a partner enough time to prepare new releases and
will publicly disclose the vulnerability with the strongSwan 5.2.2
release on Dec 22nd, 12:00 noon UTC.

Thanks to Mike Daskalakis for reporting the issue responsibly.

Our apologies for the inconvenience.

Kind Regards
Tobias Brunner
strongSwan Developer
Comment 1 Marius Tomaschewski 2014-12-17 13:07:51 UTC
Created attachment 617679 [details]
upstream patch: strongswan-4.5.0-4.5.3_modp_custom.patch
Comment 2 Marius Tomaschewski 2014-12-17 13:08:40 UTC
Created attachment 617680 [details]
upstream patch: strongswan-4.5.4-5.1.0_modp_custom.patch
Comment 3 Marius Tomaschewski 2014-12-17 13:09:19 UTC
Created attachment 617681 [details]
upstream patch: strongswan-5.1.1_modp_custom.patch
Comment 4 Marius Tomaschewski 2014-12-17 13:09:59 UTC
Created attachment 617682 [details]
upstream patch: strongswan-5.1.2-5.2.1_modp_custom.patch
Comment 5 Alexander Bergmann 2014-12-17 13:25:53 UTC
CRD: 2014-12-19, 12:00 UTC
Comment 6 Marius Tomaschewski 2014-12-17 13:31:23 UTC
Submission for SLE-12 requested in: https://build.suse.de/request/show/47599,
package in $IBS/home:mtomaschewski:branches:SUSE:SLE-12:Update/strongswan.

Other packages prepared (until CRD is reached) in:
$IBS/home:mtomaschewski:branches:openSUSE.org:network:vpn/strongswan
$IBS/home:mtomaschewski:branches:openSUSE.org:openSUSE:12.3:Update/strongswan
$IBS/home:mtomaschewski:branches:openSUSE.org:openSUSE:13.1:Update/strongswan
$IBS/home:mtomaschewski:branches:openSUSE.org:openSUSE:13.2:Update/strongswan
Comment 7 Marius Tomaschewski 2014-12-17 13:33:01 UTC
SLES-11 (or older) is NOT affected.
Comment 8 Marius Tomaschewski 2014-12-19 09:23:54 UTC
** NEW CRD: 2015-01-05, 12:00 UTC **

-------- Forwarded Message --------
Subject: Re: strongSwan security advisory: CVE-2014-9221
Date: Fri, 19 Dec 2014 10:04:17 +0100
From: Tobias Brunner <tobias@strongswan.org>
To: tobias@strongswan.org
CC: Andreas Steffen <andreas.steffen@strongswan.org>, Martin Willi <martin@strongswan.org>

Dear strongSwan partner,

> The attached patches fix the vulnerability in the different strongSwan
> versions and should apply with appropriate hunk offsets.

Our integration tests that we run before every release revealed that
these patches were inadequate.  They broke most of the TLS scenarios.
The intention was to increase the identifier of MODP_CUSTOM beyond the
16-bit size limit of DH identifiers in IKEv2 so this DH group can't be
negotiated anymore.  A side effect of this is that the size of the
diffie_hellman_group_t enum increases to 32-bit.  The problem with that
is that it went unnoticed that the Diffie-Hellman implementations in the
different plugins (gmp, openssl etc.) internally used u_int16_t instead
of diffie_hellman_group_t to store the group identifier.

One set of the attached patches fixes this specific problem in the
respective strongSwan versions and should apply with appropriate hunk
offsets.  Patches that include both fixes are attached too.

I'm terribly sorry we missed this issue earlier and for having to send this
email so close to the intended release date.  Instead of rushing out the
5.2.2 release and the vulnerability disclosure today, we will move the
release date to Jan 5th, 12:00 noon UTC.

For a coordinated public disclosure of the issue we're kindly asking
to hold back any prepared release for today and defer such releases to
the mentioned date.

Once again, our apologies for the inconvenience.

Kind Regards,
Tobias
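The two defects described in this thread, the peer-chosen MODP_CUSTOM identifier reaching a constructor that expects caller-supplied parameters (Comment 0) and the u_int16_t truncation that broke the first fix (the forwarded mail above), are modelled below as an added C example. It is not strongSwan's code: the enum layout apart from the pre-fix value 1025, the post-fix value 65536, the function names and the sample payload bytes are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical model of strongSwan's diffie_hellman_group_t, written for this
 * example. MODP_CUSTOM_OLD = 1025 is the value from the advisory; the post-fix
 * value 65536 is an assumption standing for "beyond the 16-bit limit". */
typedef enum {
    MODP_NONE       = 0,
    MODP_1024_BIT   = 2,
    MODP_2048_BIT   = 14,
    MODP_CUSTOM_OLD = 1025,   /* fits a KE payload, so it can arrive from a peer */
    MODP_CUSTOM     = 65536,  /* cannot be encoded in 16 bits, so it cannot */
} dh_group_t;

typedef enum { DH_OK, DH_BAD_LENGTH, DH_GROUP_REJECTED } dh_status_t;

/* Constructed sample KE payload bodies, group number only (big-endian). */
static const uint8_t KE_BODY_GROUP_1025[] = { 0x04, 0x01 };
static const uint8_t KE_BODY_GROUP_14[]   = { 0x00, 0x0e };

/* The DH group number is the first two octets of an IKEv2 KE payload body
 * (RFC 5996, section 3.4). */
uint32_t ke_payload_group(const uint8_t *body, size_t len)
{
    return len < 2 ? MODP_NONE : (((uint32_t)body[0] << 8) | body[1]);
}

/* Only groups whose generator and prime the daemon itself knows may be built
 * from a negotiated identifier. MODP_CUSTOM needs caller-supplied g and p, so
 * a peer-chosen identifier must never reach that constructor. */
static bool dh_group_negotiable(uint32_t group)
{
    return group == MODP_1024_BIT || group == MODP_2048_BIT;
}

dh_status_t dh_from_ke_payload(const uint8_t *body, size_t len)
{
    if (len < 2) return DH_BAD_LENGTH;
    return dh_group_negotiable(ke_payload_group(body, len)) ? DH_OK : DH_GROUP_REJECTED;
}

/* The regression from Comment 8: plugins stored the group in u_int16_t, so the
 * widened identifier truncates (65536 -> 0) and no longer compares equal. */
bool plugin_u16_storage_matches(dh_group_t group)
{
    uint16_t stored = (uint16_t)group;
    return stored == (uint32_t)group;
}
```

Widening the enum alone is not enough: every place that copies a group identifier into a narrower integer has to be audited as well, which is exactly what the second set of patches (dh_group) does.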
Comment 9 Marius Tomaschewski 2014-12-19 09:55:57 UTC
Created attachment 617964 [details]
strongswan-4.5.0-4.5.3_dh_group.patch
Comment 10 Marius Tomaschewski 2014-12-19 09:56:17 UTC
Created attachment 617965 [details]
strongswan-4.5.0-4.5.3_modp_custom.patch
Comment 11 Marius Tomaschewski 2014-12-19 09:56:35 UTC
Created attachment 617966 [details]
strongswan-4.6.0-5.0.2_dh_group.patch
Comment 12 Marius Tomaschewski 2014-12-19 09:56:53 UTC
Created attachment 617967 [details]
strongswan-4.6.0-5.0.2_modp_custom.patch
Comment 13 Marius Tomaschewski 2014-12-19 09:57:07 UTC
Created attachment 617968 [details]
strongswan-5.0.3-5.1.0_modp_custom.patch
Comment 14 Marius Tomaschewski 2014-12-19 09:57:23 UTC
Created attachment 617969 [details]
strongswan-5.0.3-5.1.1_dh_group.patch
Comment 15 Marius Tomaschewski 2014-12-19 09:57:42 UTC
Created attachment 617970 [details]
strongswan-5.1.1_modp_custom.patch
Comment 16 Marius Tomaschewski 2014-12-19 09:57:57 UTC
Created attachment 617971 [details]
strongswan-5.1.2-5.2.1_dh_group.patch
Comment 17 Marius Tomaschewski 2014-12-19 09:58:14 UTC
Created attachment 617972 [details]
strongswan-5.1.2-5.2.1_modp_custom.patch
Comment 18 Marius Tomaschewski 2014-12-19 10:22:06 UTC
Updated the patches:

Submission for SLE-12 requested in: https://build.suse.de/request/show/47709,
package in $IBS/home:mtomaschewski:branches:SUSE:SLE-12:Update/strongswan.

Other packages prepared (until new CRD is reached) in:
$IBS/home:mtomaschewski:branches:openSUSE.org:network:vpn/strongswan
$IBS/home:mtomaschewski:branches:openSUSE.org:openSUSE:12.3:Update/strongswan
$IBS/home:mtomaschewski:branches:openSUSE.org:openSUSE:13.1:Update/strongswan
$IBS/home:mtomaschewski:branches:openSUSE.org:openSUSE:13.2:Update/strongswan
Comment 20 Victor Pereira 2015-01-05 13:14:29 UTC
public
Comment 21 Bernhard Wiedemann 2015-01-05 14:00:19 UTC
This is an autogenerated message for OBS integration:
This bug (910491) was mentioned in
https://build.opensuse.org/request/show/267274 Factory / strongswan
https://build.opensuse.org/request/show/267275 12.3 / strongswan
https://build.opensuse.org/request/show/267276 13.1 / strongswan
https://build.opensuse.org/request/show/267277 13.2 / strongswan
Comment 22 Swamp Workflow Management 2015-01-23 10:07:04 UTC
openSUSE-SU-2015:0114-1: An update that solves one vulnerability and has two fixes is now available.

Category: security (moderate)
Bug References: 897048,897512,910491
CVE References: CVE-2014-9221
Sources used:
openSUSE 13.2 (src):    strongswan-5.1.3-4.4.1
openSUSE 13.1 (src):    strongswan-5.1.1-8.1
Comment 24 Swamp Workflow Management 2015-02-13 12:07:09 UTC
SUSE-SU-2015:0281-1: An update that solves one vulnerability and has three fixes is now available.

Category: security (moderate)
Bug References: 856322,897048,897512,910491
CVE References: CVE-2014-9221
Sources used:
SUSE Linux Enterprise Server 12 (src):    strongswan-5.1.3-9.2
SUSE Linux Enterprise Desktop 12 (src):    strongswan-5.1.3-9.1
Comment 25 Marcus Meissner 2015-03-17 16:06:04 UTC
released