NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2d42ac75fd
kumquat-buildroot/package/strongswan/strongswan-0005-CVE-2013-6076-fix.patch
Gustavo Zacarias 90af4f16c5 strongswan: add security patches 
Security patches to fix CVE-2013-5018, CVE-2013-6075 and CVE-2013-6076.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2013-11-01 15:27:55 +01:00

28 lines
963 B
Diff
Raw Blame History

From d8867a8452eece3fffab29605f48e6bed47c42d4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Volker=20R=C3=BCmelin?= <vr_strongswan@t-online.de>
Date: Fri, 11 Oct 2013 09:38:24 +0200
Subject: [PATCH] ikev1: Properly initialize list of fragments in case fragment
ID is 0
Fixes CVE-2013-6076.
---
src/libcharon/sa/ikev1/task_manager_v1.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libcharon/sa/ikev1/task_manager_v1.c b/src/libcharon/sa/ikev1/task_manager_v1.c
index 6d4ef14..597416e 100644
--- a/src/libcharon/sa/ikev1/task_manager_v1.c
+++ b/src/libcharon/sa/ikev1/task_manager_v1.c
@@ -1273,7 +1273,7 @@ static status_t handle_fragment(private_task_manager_t *this, message_t *msg)
return FAILED;
}
- if (this->frag.id != payload->get_id(payload))
+ if (!this->frag.list || this->frag.id != payload->get_id(payload))
{
clear_fragments(this, payload->get_id(payload));
this->frag.list = linked_list_create();
--
1.8.1.2
Reference in New Issue View Git Blame Copy Permalink