[Openswan dev] [Announce] openswan 2.6.37 released - fixes CVE-2011-4073

Paul Wouters paul at xelerance.com
Fri Oct 28 17:28:13 EDT 2011

Hash: SHA256

Subject: CVE-2011-4073 Openswan crypto helper crasher
Release date: Fri Oct 28, 2011


Security Alert:
This alert (and any possible updates) is available at the following URL:

The Openswan project was informed of a vulnerability in the crypto helper
handler in our IKE daemon implementation "pluto".

Vulnerable versions: openswan 2.3.0 up to 2.6.36 configured without nhelpers=0
Fixed version      : openswan 2.6.37

Vulnerability information:
When a phase 2 cryptographic job is handed over to a crypto helper
process, and the phase 1 associated with that phase2 is deleted, the
crypto helper submits its completed work to a freed and possible re-used
memory location.

Openswan is only vulnerable if the attacker is a known client that can
pass ISAKMP phase 1 authentication. Since the cryptographic work done
locally cannot be influenced by the remote client, it is not possible
for the client to cause remote execution of code.

Cryptographic helpers are normally enabled, but vendor distributions of
Openswan disabled the cryptohelpers using "pluto --nhelpers 0" or
specifying "nhelpers=0" in the ipsec.conf configuration file.

Vulnerability Details: The functions quick_outI1_continue()
and quick_outI1() copied pointers to state structs into the struct
qke_continuation. When the original state struct was deleted, the stored
pointer in qke_continuation was still pointing to these memory locations,
causing the invalid memory access. The IKE daemon would crash and restart.

These fixed functions now properly lookup the state ojbects from the
state table by their st_serialno. When requested to delete a deleted
state, a warning is logged.

Full release:
The latest openswan release which fixes all known issues can be found at:
http://www.openswan.org/download/openswan-2.6.37.tar.gz.asc (GPG signature)

For those unable to upgrade to the latest openswan 2.6.37 release, the
following patch can be used to resolve this problem:


This vulnerability was found by the information security group at ETH
Zurich (http://www.infsec.ethz.ch) using an IKE protocol fuzzer during
work on testing protocol implementations funded by the Spacios European
project (http://spacios.eu/). We specifically wish to thank Petar Tsankov,
Mohammad Torabi Dashti and David Basin for their work with the Openswan
Project in reporting this vulnerability and performing tests confirming
resolution of this vulnerability.

About openswan (http://www.openswan.org/):
Openswan is a free implementation of Internet Protocol Security (IPsec)
and Internet Key Exchange (IKE). IPsec uses strong cryptography to provide
both authentication and encryption services. These services allow you to
build secure tunnels through untrusted networks. Everything passing through
the untrusted network is encrypted by the IPsec gateway machine, and
decrypted by the gateway at the other end of the tunnel. The resulting
tunnel is a virtual private network (VPN).

About Xelerance (http://www.xelerance.com/):
Xelerance is the custodian of the openswan IPsec software and the L2TP
server xl2tpd. These are used in combination to provide Enterprise VPN
solutions.  Headquartered in Ottawa, the high-tech capital of Canada,
Xelerance provides products and services to secure the internet. Its
products include DNSX Secure Signer and DNSX Secure Resolver.
Version: GnuPG v1.4.11 (GNU/Linux)

Announce mailing list
Announce at openswan.org

More information about the Dev mailing list