Advisories » MGASA-2018-0010

Updated ipsec-tools packages fix security vulnerability

Publication date: 01 Jan 2018
Modification date: 01 Jan 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-10396

Description

It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly
handled certain ISAKMP fragments. A remote attacker could use this issue
to cause racoon to crash, resulting in a denial of service
(CVE-2016-10396).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=22043
• https://usn.ubuntu.com/usn/usn-3482-1/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10396

SRPMS

6/core

• ipsec-tools-0.8.1-7.1.mga6

5/core

• ipsec-tools-0.8.1-5.1.mga5