CVE-2019-12312

Exploit

EPSS 0.54%
Published 24.05.2019 14:29:00
Last modified 21.11.2024 04:22:36
Source cve@mitre.org
Teams watchlist Login
Open Login

In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference by initiating an IKEv2 IKE_SA_INIT exchange, followed by a bogus INFORMATIONAL exchange instead of the normallly expected IKE_AUTH exchange. This affects send_v2N_spi_response_from_state() in programs/pluto/ikev2_send.c that will then trigger a NULL pointer dereference leading to a restart of libreswan.

Affected products Warnungen 0 Metrics 3 CWE 2 References 8

Data is provided by the National Vulnerability Database (NVD)

Libreswan ≫ Libreswan Version < 3.28

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.54%	0.666

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

http://www.iwantacve.cn/index.php/archives/218/

Third Party Advisory

Exploit

https://github.com/libreswan/libreswan/compare/9b1394e...3897683

Patch

Third Party Advisory

https://github.com/libreswan/libreswan/issues/246

Third Party Advisory

https://libreswan.org/security/CVE-2019-12312/CVE-2019-12312.txt

https://libreswan.org/security/CVE-2019-12312/libreswan-3.27-CVE-2019-12312.patch

https://nvd.nist.gov/vuln/detail/CVE-2019-12312

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-12312

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-12312

EUVD