I am not sure, so I post it here.
Found this:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-10396
Found nothing about this here
https://vuxml.freebsd.org/freebsd/index-cve.html
NetBsd seems have a patch
http://cvsweb.netbsd.org/bsdweb.cgi.../racoon/isakmp_frag.c.diff?r1=1.5&r2=1.5.36.1
and a correction of the patch
http://gnats.netbsd.org/51682
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10396
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2016-10396
If somebody confirm, this is not in our vuxml-database, I will file a PR.
Found this:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-10396
Code:
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable
computational-complexity attack when parsing and storing ISAKMP
fragments. The implementation permits a remote attacker to exhaust
computational resources on the remote endpoint by repeatedly sending
ISAKMP fragment packets in a particular order such that the worst-case
computational complexity is realized in the algorithm utilized to
determine if reassembly of the fragments can take place.Found nothing about this here
https://vuxml.freebsd.org/freebsd/index-cve.html
NetBsd seems have a patch
http://cvsweb.netbsd.org/bsdweb.cgi.../racoon/isakmp_frag.c.diff?r1=1.5&r2=1.5.36.1
and a correction of the patch
http://gnats.netbsd.org/51682
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10396
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2016-10396
If somebody confirm, this is not in our vuxml-database, I will file a PR.
