ipsec-tools: CVE-2015-4047: null pointer dereference crash in racoon See: https://bugs.gentoo.org/show_bug.cgi?id=550118 Downloaded from https://gitweb.gentoo.org/repo/gentoo.git/tree/net-vpn/ipsec-tools/files/ipsec-tools-CVE-2015-4047.patch See also https://sources.debian.net/src/ipsec-tools/1:0.8.2%2B20140711-8/debian/patches/bug785778-null-pointer-deref.patch/ Signed-off-by: Bernd Kuhls --- ./src/racoon/gssapi.c 9 Sep 2006 16:22:09 -0000 1.4 +++ ./src/racoon/gssapi.c 19 May 2015 15:16:00 -0000 1.6 @@ -192,6 +192,11 @@ gss_name_t princ, canon_princ; OM_uint32 maj_stat, min_stat; + if (iph1->rmconf == NULL) { + plog(LLV_ERROR, LOCATION, NULL, "no remote config\n"); + return -1; + } + gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state)); if (gps == NULL) { plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n");