Issue Overview:
A use-after-free flaw was found in the way Openswan’s pluto IKE daemon used cryptographic helpers. A remote, authenticated attacker could send a specially-crafted IKE packet that would crash the pluto daemon. This issue only affected SMP (symmetric multiprocessing) systems that have the cryptographic helpers enabled.
Affected Packages:
openswan
Issue Correction:
Run yum update openswan to update your system.
New Packages:
i686:
openswan-2.6.37-2.15.amzn1.i686
openswan-doc-2.6.37-2.15.amzn1.i686
openswan-debuginfo-2.6.37-2.15.amzn1.i686
src:
openswan-2.6.37-2.15.amzn1.src
x86_64:
openswan-2.6.37-2.15.amzn1.x86_64
openswan-doc-2.6.37-2.15.amzn1.x86_64
openswan-debuginfo-2.6.37-2.15.amzn1.x86_64
Red Hat: CVE-2011-4073
Mitre: CVE-2011-4073
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | openswan | < 2.6.37-2.15.amzn1 | openswan-2.6.37-2.15.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | openswan-doc | < 2.6.37-2.15.amzn1 | openswan-doc-2.6.37-2.15.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | openswan-debuginfo | < 2.6.37-2.15.amzn1 | openswan-debuginfo-2.6.37-2.15.amzn1.i686.rpm |
Amazon Linux | 1 | x86_64 | openswan | < 2.6.37-2.15.amzn1 | openswan-2.6.37-2.15.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | openswan-doc | < 2.6.37-2.15.amzn1 | openswan-doc-2.6.37-2.15.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | openswan-debuginfo | < 2.6.37-2.15.amzn1 | openswan-debuginfo-2.6.37-2.15.amzn1.x86_64.rpm |