A significant security vulnerability has been identified in Libreswan's Pluto (CVE-2023-30570) that permits a remote attacker to cause a denial of service (DoS) through unauthenticated IKEv1 Aggressive Mode packets. This vulnerability affects Libreswan versions before 4.11, with the earliest known impacted version being 3.28. In this post, we will present a comprehensive analysis of the vulnerability, along with its exploit details and available patches.

Exploit details – Responder SPI mishandling and daemon crash

The core issue lies in the mishandling of the responder SPI (Security Parameter Index) during the processing of unauthenticated IKEv1 Aggressive Mode packets. By sending a specially crafted packet, an attacker can crash the Pluto daemon, effectively causing a denial of service.

When examining the vulnerable code in Pluto, the issue becomes apparent:

// Simplified version of the vulnerable code
void process_packet(struct msg_digest *md) {
    ...
    /* Only the Aggressive Mode branch is relevant to this issue */
    if (IS_AGGR(md->hdr.isa_flags)) {
        ...
        /* Here, the responder SPI is extracted from the unauthenticated header */
        u_int32_t responder_spi = md->hdr.isa_rcookie;
        ...
        /* No proper validation of responder_spi is done */
        /* Process the unauthenticated Aggressive Mode packet */
        process_aggr_packet(md);
        ...
    }
    ...
}

As shown in the code snippet above, the function "process_packet" handles both Main Mode and Aggressive Mode packets, and the vulnerability lies in the Aggressive Mode path. When the responder SPI is extracted from such a packet, no proper validation is performed, so an attacker-controlled value reaches the rest of the processing logic.

References

The official Libreswan security advisory provides additional information about this vulnerability. The full disclosure of this issue, including detailed analysis and links to the relevant commits that fix it, can be found in the following references:

1. Official Libreswan security advisory
2. Libreswan CVE-2023-30570 GitHub commit
3. OSP-Security private disclosure

Mitigation and patches

To fix this issue and mitigate potential attacks, users need to update Libreswan to version 4.11 or later. The fixed code handling the responder SPI for IKEv1 Aggressive Mode packets is shown below:

// Fixed version of the code
void process_packet(struct msg_digest *md) {
    ...
    if (IS_AGGR(md->hdr.isa_flags)) {
        ...
        /* Here, the responder SPI is extracted from the unauthenticated header */
        u_int32_t responder_spi = md->hdr.isa_rcookie;
        ...
        /* Proper validation of responder_spi is now performed before any further processing */
        if (responder_spi !=  && valid_spi(responder_spi)) {
            /* Process the validated Aggressive Mode packet */
            process_aggr_packet(md);
        } else {
            /* Drop the invalid packet instead of letting it reach the state machine */
            log_invalid_spi(md);
            return;
        }
        ...
    }
    ...
}

As seen in the patched code, proper validation is now being conducted on the extracted responder SPI, preventing remote attackers from crashing the Pluto daemon through unauthenticated packets.
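As an added example in the spirit of the patched check above (this is not Libreswan's code), the following bounds-checked ISAKMP header parser classifies an unauthenticated packet before any state is touched: a first Aggressive Mode message (responder SPI still all zeros, since the responder has not chosen one yet) is accepted as a new exchange, a packet whose responder SPI matches a state this side issued is accepted as a continuation, and anything else is dropped rather than asserted on. The known-SPI table and the sample datagrams are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Fixed ISAKMP header (RFC 2408): ICOOKIE(8) RCOOKIE(8) NP(1) VER(1) XCHG(1) FLAGS(1) MSGID(4) LEN(4) */
#define ISAKMP_HDR_LEN 28
#define ISAKMP_XCHG_AGGR 4   /* Aggressive Mode exchange type (RFC 2409) */
enum verdict { DROP_TRUNCATED, DROP_BAD_LENGTH, NOT_AGGR, DROP_UNKNOWN_RSPI, ACCEPT_NEW, ACCEPT_EXISTING };
struct isakmp_hdr {
    uint8_t icookie[8], rcookie[8], next_payload, version, exchange_type, flags;
    uint32_t msgid, length;
};
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
/* Parse the fixed header, checking the buffer size first; returns 0 on success. */
int parse_isakmp_hdr(const uint8_t *pkt, size_t len, struct isakmp_hdr *h) {
    if (len < ISAKMP_HDR_LEN) return -1;
    memcpy(h->icookie, pkt, 8);
    memcpy(h->rcookie, pkt + 8, 8);
    h->next_payload = pkt[16]; h->version = pkt[17];
    h->exchange_type = pkt[18]; h->flags = pkt[19];
    h->msgid = be32(pkt + 20); h->length = be32(pkt + 24);
    return 0;
}
/* Constructed stand-in for the daemon's state table: responder SPIs this side has issued (assumption). */
static const uint8_t known_rspi[][8] = { {0xde,0xad,0xbe,0xef,0x00,0x11,0x22,0x33} };
static int rspi_is_known(const uint8_t *s) {
    for (size_t i = 0; i < sizeof known_rspi / sizeof known_rspi[0]; i++)
        if (memcmp(s, known_rspi[i], 8) == 0) return 1;
    return 0;
}
/* Decide what to do with an unauthenticated packet before any state is touched. */
enum verdict check_aggr_packet(const uint8_t *pkt, size_t len) {
    static const uint8_t zero_spi[8] = {0};
    struct isakmp_hdr h;
    if (parse_isakmp_hdr(pkt, len, &h) != 0) return DROP_TRUNCATED;
    if (h.length != len) return DROP_BAD_LENGTH;                  /* header length must match the datagram */
    if (h.exchange_type != ISAKMP_XCHG_AGGR) return NOT_AGGR;     /* Main Mode etc. are handled elsewhere */
    if (memcmp(h.rcookie, zero_spi, 8) == 0) return ACCEPT_NEW;   /* first message: responder SPI not chosen yet */
    if (rspi_is_known(h.rcookie)) return ACCEPT_EXISTING;         /* continues an exchange this side started */
    return DROP_UNKNOWN_RSPI;                                     /* peer-chosen SPI with no state: drop, never assert */
}
/* Constructed 28-byte sample datagrams (header only, length field = 28): a first Aggressive Mode
   message, and one carrying a responder SPI this side never issued. */
const uint8_t sample_first_aggr[28] = {1,2,3,4,5,6,7,8, 0,0,0,0,0,0,0,0, 1,0x10,4,0, 0,0,0,0, 0,0,0,28};
const uint8_t sample_forged_rspi[28] = {1,2,3,4,5,6,7,8, 9,9,9,9,9,9,9,9, 1,0x10,4,0, 0,0,0,0, 0,0,0,28};
```

The point is that every verdict is a return value the caller can log and act on; nothing derived from the unauthenticated header is trusted enough to trigger an assertion.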

Conclusion

CVE-2023-30570 poses a critical risk to any system running Libreswan's Pluto in versions before 4.11. To protect your organization against this vulnerability, it is highly recommended that you update your Libreswan software to version 4.11 or later and ensure proper validation of responder SPI for IKEv1 Aggressive Mode packets.

Timeline

Published on: 05/29/2023 00:15:00 UTC
Last modified on: 06/03/2023 04:12:00 UTC