hipl-core team mailing list archive

Thread
Date

hipl-core team
Mailing list archive
Message #00059

[Bug 607484] Re: ipsec spi number not initialized

To: hipl-core@xxxxxxxxxxxxxxxxxxx
From: René Hummen <607484@xxxxxxxxxxxxxxxxxx>
Date: Mon, 23 Aug 2010 15:27:49 -0000
Reply-to: Bug 607484 <607484@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

hip_hadb_init_entry() was the crucial link that I overlooked. It's all
good.

** Changed in: hipl
       Status: New => Invalid

-- 
ipsec spi number not initialized
https://bugs.launchpad.net/bugs/607484
You received this bug notification because you are a member of HIPL core
team, which is subscribed to HIPL.

Status in Host Identity Protocol for Linux: Invalid

Bug description:
IPsec SAs are set up with uninitialized spi values. It seems uninitialized uint32_t variables are used to provide randomness. This might be exploitable and should be replace by a call to openssl random number generators.