ipsec spi number not initialized

Bug #607484 reported by René Hummen
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Artturi Karila

Bug Description

IPsec SAs are set up with uninitialized spi values. It seems uninitialized uint32_t variables are used to provide randomness. This might be exploitable and should be replace by a call to openssl random number generators.

visibility: private → public
Miika Komu (miika-iki)
Changed in hipl:
assignee: nobody → Artturi Karila (artturi-karila)
Revision history for this message
Miika Komu (miika-iki) wrote :

For base exchange, hip_hadb_init_entry() initializes inbound spi using get_random_bytes(). Outbound SPI is received from the peer. Are you referring to UPDATE? Can you be more specific, thanks.

Revision history for this message
René Hummen (rene-hummen) wrote :

hip_hadb_init_entry() was the crucial link that I overlooked. It's all good.

Changed in hipl:
status: New → Invalid
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers