
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Fedora 40 fastd 2025-29fc4fefd5 Low: UDP amplification attack

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-29fc4fefd5
2025-02-05 02:09:51.857790+00:00
--------------------------------------------------------------------------------

Name        : fastd
Product     : Fedora 40
Version     : 23
Release     : 1.fc40
URL         : https://github.com/neocturne/fastd
Summary     : Fast and secure tunneling daemon
Description :
fastd is a secure tunneling daemon with some unique features:

- Very small binary (about 100KB on OpenWRT in the default configuration, including all dependencies besides libc)
- Exchangeable crypto methods
- Transport over UDP for simple usage behind NAT
- Can run in 1:1 and 1:n scenarios
- There are no server and client roles defined by the protocol, this is just defined by the usage.
- Only one instance of the daemon is needed on each host to create a full mesh

If no full mesh is established, a routing protocol is necessary to enable hosts that are not connected directly to reach each other

--------------------------------------------------------------------------------
Update Information:

This release contains a number of small improvements and bugfixes, including mitigations for the LOW severity vulnerability CVE-2025-24356.

Bugfixes

- Add mitigations for fast-reconnect amplification attacks

  When receiving a data packet from an unknown IP address/port combination, fastd will assume that one of its connected peers has moved to a new address (for example due to internet lines with dynamic IP, or roaming between WWAN and a local internet connection) and initiate a reconnect by sending a handshake packet. This “fast reconnect” avoids having to wait for a session timeout (up to ~90s) until a new connection is established.

  Even a 1-byte UDP packet just containing the fastd packet type header can trigger a much larger handshake packet (~150 bytes of UDP payload). With fastd v22, this number is doubled, because two handshakes are sent (one in a pre-v22-compatible format and one in a new L2TP-style format). Including IPv4 and UDP headers, the resulting amplification factor is roughly 12-13.

  By sending data packets with a spoofed source address to fastd instances reachable on the internet, this amplification of UDP traffic might be used to facilitate a Distributed Denial of Service attack. fastd has always implemented rate limiting for handshakes to unknown IP addresses and ports to 1 handshake per 15s to avoid this kind of attack, however the rate is limited per-port and not per-address, thus still allowing handshakes to be sent to all 65535 UDP ports of the same IP address unlimited.

  The issue has been mitigated in fastd v23 by a number of changes:

  - Rate-limiting has been changed to be applied per-address instead of per-port
  - Only one handshake instead of two handshakes is sent for fast-reconnect (by determining from the format of the data packet whether a pre-v22 or L2TP-style handshake should be used)
  - Require at least a full method header instead of just a single byte for a data packet to be considered valid. This does not have an effect on instances that enable the null method (regardless of null being actually in use), as a single-byte UDP packet is a valid null keepalive, but for all other methods the amplification factor is slightly reduced.

  Only fastd instances that allow connections from arbitrary IP addresses are vulnerable. Instances in a “client” role that configure their peers using the remote config option (which includes the common deployment as part of the Gluon wireless mesh firmware) will not respond to unexpected data packets with a handshake and are therefore unaffected.

  CVE-2025-24356 has been assigned to this issue. The severity of this vulnerability is considered LOW.

  A GitHub security advisory can be found under GHSA-pggg-vpfv-4rcv.

- Fix config loading to fail on offload l2tp no; when L2TP offloading is unsupported by the fastd build or the kernel
- Fix assembly Salsa20(/12) implementations accidentally generating the Linux-specific .note.GNU-stack ELF section on non-Linux systems

  This is unlikely to have caused any issues, as other systems should just ignore the unknown section.

- Status socket:
  - Fix interface name information with L2TP offloading
  - Add per-peer MTU information
- Documentation:
  - Fix incorrect “persist interface” examples
  - Improve explanation of float option
- Build:
  - Fix build on macOS (again)
  - Fix build with Meson 0.49 (the minimum version marked as supported by fastd)

Other changes

- Add support for Indirect Branch Tracking and Shadow Stacks on x86

  The assembly Salsa20(/12) implementations have been marked compatible with IBT and SHSTK, which are part of Intel CET (Control-flow Enforcement Technology) and can be enabled using the -fcf-protection GCC option.

- The file COPYRIGHT has been renamed to LICENSE
- The vendored version of libmnl that is used with libmnl_builtin=true has been updated to 1.0.5

--------------------------------------------------------------------------------
ChangeLog:

* Sun Jan 26 2025 Felix Kaechele - 23-1
- update to 23
* Thu Jan 16 2025 Fedora Release Engineering - 22-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Jul 17 2024 Fedora Release Engineering - 22-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2342133 - fastd-23 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2342133
[ 2 ] Bug #2342337 - CVE-2025-24356 fastd: UDP traffic amplification via fastd's fast reconnect feature [fedora-40]
      https://bugzilla.redhat.com/show_bug.cgi?id=2342337

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-29fc4fefd5' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Fedora 40 introduces updates for Fastd, mitigating minor amplification vulnerabilities; accompanied by security advisory and crucial bug fixes.

Severity: Low. LinuxSecurity.com Team

Feb 05, 2025 Low Fedora

Fedora 41: fastd Security Fix for LOW Severity UDP Amplification

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b895b18cfe
2025-02-04 01:14:03.352890+00:00
--------------------------------------------------------------------------------

Name        : fastd
Product     : Fedora 41
Version     : 23
Release     : 1.fc41
URL         : https://github.com/neocturne/fastd
Summary     : Fast and secure tunneling daemon
Description :
fastd is a secure tunneling daemon with some unique features:

- Very small binary (about 100KB on OpenWRT in the default configuration, including all dependencies besides libc)
- Exchangeable crypto methods
- Transport over UDP for simple usage behind NAT
- Can run in 1:1 and 1:n scenarios
- There are no server and client roles defined by the protocol, this is just defined by the usage.
- Only one instance of the daemon is needed on each host to create a full mesh

If no full mesh is established, a routing protocol is necessary to enable hosts that are not connected directly to reach each other

--------------------------------------------------------------------------------
Update Information:

This release contains a number of small improvements and bugfixes, including mitigations for the LOW severity vulnerability CVE-2025-24356.

Bugfixes

- Add mitigations for fast-reconnect amplification attacks

  When receiving a data packet from an unknown IP address/port combination, fastd will assume that one of its connected peers has moved to a new address (for example due to internet lines with dynamic IP, or roaming between WWAN and a local internet connection) and initiate a reconnect by sending a handshake packet. This “fast reconnect” avoids having to wait for a session timeout (up to ~90s) until a new connection is established.

  Even a 1-byte UDP packet just containing the fastd packet type header can trigger a much larger handshake packet (~150 bytes of UDP payload). With fastd v22, this number is doubled, because two handshakes are sent (one in a pre-v22-compatible format and one in a new L2TP-style format). Including IPv4 and UDP headers, the resulting amplification factor is roughly 12-13.

  By sending data packets with a spoofed source address to fastd instances reachable on the internet, this amplification of UDP traffic might be used to facilitate a Distributed Denial of Service attack. fastd has always implemented rate limiting for handshakes to unknown IP addresses and ports to 1 handshake per 15s to avoid this kind of attack, however the rate is limited per-port and not per-address, thus still allowing handshakes to be sent to all 65535 UDP ports of the same IP address unlimited.

  The issue has been mitigated in fastd v23 by a number of changes:

  - Rate-limiting has been changed to be applied per-address instead of per-port
  - Only one handshake instead of two handshakes is sent for fast-reconnect (by determining from the format of the data packet whether a pre-v22 or L2TP-style handshake should be used)
  - Require at least a full method header instead of just a single byte for a data packet to be considered valid. This does not have an effect on instances that enable the null method (regardless of null being actually in use), as a single-byte UDP packet is a valid null keepalive, but for all other methods the amplification factor is slightly reduced.

  Only fastd instances that allow connections from arbitrary IP addresses are vulnerable. Instances in a “client” role that configure their peers using the remote config option (which includes the common deployment as part of the Gluon wireless mesh firmware) will not respond to unexpected data packets with a handshake and are therefore unaffected.

  CVE-2025-24356 has been assigned to this issue. The severity of this vulnerability is considered LOW.

  A GitHub security advisory can be found under GHSA-pggg-vpfv-4rcv.

- Fix config loading to fail on offload l2tp no; when L2TP offloading is unsupported by the fastd build or the kernel
- Fix assembly Salsa20(/12) implementations accidentally generating the Linux-specific .note.GNU-stack ELF section on non-Linux systems

  This is unlikely to have caused any issues, as other systems should just ignore the unknown section.

- Status socket:
  - Fix interface name information with L2TP offloading
  - Add per-peer MTU information
- Documentation:
  - Fix incorrect “persist interface” examples
  - Improve explanation of float option
- Build:
  - Fix build on macOS (again)
  - Fix build with Meson 0.49 (the minimum version marked as supported by fastd)

Other changes

- Add support for Indirect Branch Tracking and Shadow Stacks on x86

  The assembly Salsa20(/12) implementations have been marked compatible with IBT and SHSTK, which are part of Intel CET (Control-flow Enforcement Technology) and can be enabled using the -fcf-protection GCC option.

- The file COPYRIGHT has been renamed to LICENSE
- The vendored version of libmnl that is used with libmnl_builtin=true has been updated to 1.0.5

--------------------------------------------------------------------------------
ChangeLog:

* Sun Jan 26 2025 Felix Kaechele - 23-1
- update to 23
* Thu Jan 16 2025 Fedora Release Engineering - 22-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2342133 - fastd-23 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2342133
[ 2 ] Bug #2342338 - CVE-2025-24356 fastd: UDP traffic amplification via fastd's fast reconnect feature [fedora-41]
      https://bugzilla.redhat.com/show_bug.cgi?id=2342338

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-b895b18cfe' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Severity: Low. LinuxSecurity.com Team

Feb 04, 2025 Low Fedora

Ubuntu 20.10 USN-4720-1 Important Nginx Security Update Advisory

=========================================================================
Ubuntu Security Notice USN-4718-1
February 02, 2021

fastd vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

fastd could be made to cause a denial of service if it received specially crafted input.

Software Description:
- fastd: Fast and Secure Tunneling Daemon

Details:

It was discovered that fastd incorrectly handled certain packets. An attacker could possibly use this issue to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.10:
  fastd 19-3ubuntu0.1

Ubuntu 18.04 LTS:
  fastd 18-3ubuntu0.18.04.1

Ubuntu 16.04 LTS:
  fastd 17-4ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  CVE-2020-27638

Package Information:
  https://launchpad.net/ubuntu/+source/fastd/19-3ubuntu0.1
  https://launchpad.net/ubuntu/+source/fastd/18-3ubuntu0.18.04.1
  https://launchpad.net/ubuntu/+source/fastd/17-4ubuntu0.1

This advisory warns of a critical vulnerability in FastD on multiple Ubuntu versions, risking potential denial of service due to crafted input data.

Severity: Important. LinuxSecurity.com Team

Feb 02, 2021 Important Ubuntu

Fedora 32: FEDORA-2020-495c14a23f Critical: fastd Memory Leak

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-495c14a23f
2020-11-03 01:29:14.893145
--------------------------------------------------------------------------------

Name        : fastd
Product     : Fedora 32
Version     : 21
Release     : 1.fc32
URL         : https://github.com/neocturne/fastd/wiki
Summary     : Fast and secure tunneling daemon
Description :
fastd is a secure tunneling daemon with some unique features:

- Very small binary (about 100KB on OpenWRT in the default configuration, including all dependencies besides libc)
- Exchangeable crypto methods
- Transport over UDP for simple usage behind NAT
- Can run in 1:1 and 1:n scenarios
- There are no server and client roles defined by the protocol, this is just defined by the usage.
- Only one instance of the daemon is needed on each host to create a full mesh

If no full mesh is established, a routing protocol is necessary to enable hosts that are not connected directly to reach each other

--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2020-27638

--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 23 2020 Felix Kaechele - 21-1
- update to 21
- fixes CVE-2020-27638

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1887118 - fastd-21 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=1887118
[ 2 ] Bug #1890968 - CVE-2020-27638 fastd: DoS'able memory leak on invalid packets [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1890968
[ 3 ] Bug #1890969 - CVE-2020-27638 fastd: DoS'able memory leak on invalid packets [epel-7]
      https://bugzilla.redhat.com/show_bug.cgi?id=1890969
[ 4 ] Bug #1890970 - CVE-2020-27638 fastd: DoS'able memory leak on invalid packets [epel-8]
      https://bugzilla.redhat.com/show_bug.cgi?id=1890970

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-495c14a23f' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Severity: Critical. LinuxSecurity.com Team

Nov 02, 2020 Critical Fedora

Fedora 31: FEDORA-2020-01dc2bc62c critical: fastd DoS Memory Leak

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-01dc2bc62c
2020-11-03 01:20:46.180194
--------------------------------------------------------------------------------

Name        : fastd
Product     : Fedora 31
Version     : 21
Release     : 1.fc31
URL         : https://github.com/neocturne/fastd/wiki
Summary     : Fast and secure tunneling daemon
Description :
fastd is a secure tunneling daemon with some unique features:

- Very small binary (about 100KB on OpenWRT in the default configuration, including all dependencies besides libc)
- Exchangeable crypto methods
- Transport over UDP for simple usage behind NAT
- Can run in 1:1 and 1:n scenarios
- There are no server and client roles defined by the protocol, this is just defined by the usage.
- Only one instance of the daemon is needed on each host to create a full mesh

If no full mesh is established, a routing protocol is necessary to enable hosts that are not connected directly to reach each other

--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2020-27638

--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 23 2020 Felix Kaechele - 21-1
- update to 21
- fixes CVE-2020-27638

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1887118 - fastd-21 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=1887118
[ 2 ] Bug #1890968 - CVE-2020-27638 fastd: DoS'able memory leak on invalid packets [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1890968
[ 3 ] Bug #1890969 - CVE-2020-27638 fastd: DoS'able memory leak on invalid packets [epel-7]
      https://bugzilla.redhat.com/show_bug.cgi?id=1890969
[ 4 ] Bug #1890970 - CVE-2020-27638 fastd: DoS'able memory leak on invalid packets [epel-8]
      https://bugzilla.redhat.com/show_bug.cgi?id=1890970

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-01dc2bc62c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Severity: Critical. LinuxSecurity.com Team

Nov 02, 2020 Critical Fedora

Fedora 33 Fastd Security Advisory: DoS Memory Leak Fix for CVE-2020-27638

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-13edfc3215
2020-11-03 00:57:50.584833
--------------------------------------------------------------------------------

Name        : fastd
Product     : Fedora 33
Version     : 21
Release     : 1.fc33
URL         : https://github.com/neocturne/fastd/wiki
Summary     : Fast and secure tunneling daemon
Description :
fastd is a secure tunneling daemon with some unique features:

- Very small binary (about 100KB on OpenWRT in the default configuration, including all dependencies besides libc)
- Exchangeable crypto methods
- Transport over UDP for simple usage behind NAT
- Can run in 1:1 and 1:n scenarios
- There are no server and client roles defined by the protocol, this is just defined by the usage.
- Only one instance of the daemon is needed on each host to create a full mesh

If no full mesh is established, a routing protocol is necessary to enable hosts that are not connected directly to reach each other

--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2020-27638

--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 23 2020 Felix Kaechele - 21-1
- update to 21
- fixes CVE-2020-27638

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1887118 - fastd-21 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=1887118
[ 2 ] Bug #1890968 - CVE-2020-27638 fastd: DoS'able memory leak on invalid packets [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1890968
[ 3 ] Bug #1890969 - CVE-2020-27638 fastd: DoS'able memory leak on invalid packets [epel-7]
      https://bugzilla.redhat.com/show_bug.cgi?id=1890969
[ 4 ] Bug #1890970 - CVE-2020-27638 fastd: DoS'able memory leak on invalid packets [epel-8]
      https://bugzilla.redhat.com/show_bug.cgi?id=1890970

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-13edfc3215' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Fedora 33 recently rolled out an update addressing a memory leak vulnerability in fastd associated with CVE-2020-27638. Key patch information included.

Severity: Critical. LinuxSecurity.com Team

Nov 02, 2020 Critical Fedora

Ubuntu 20.04 LTS: 4610-1 Critical: Fastd Resource Exhaustion

=========================================================================
Ubuntu Security Notice USN-4610-1
October 29, 2020

fastd vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

fastd could be made to remotely exhaust resources if it received specially crafted packets.

Software Description:
- fastd: Fast and Secure Tunneling Daemon

Details:

It was discovered that fastd did not properly handle receive buffers under certain circumstances. A remote attacker could possibly use this issue to cause a memory leak, resulting in a denial of service. (CVE-2020-27638)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  fastd 18-3ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4610-1
  CVE-2020-27638

Package Information:
  https://launchpad.net/ubuntu/+source/fastd/18-3ubuntu0.1

A vulnerability in fastd found in Ubuntu 20.04 LTS may permit resource exhaustion, potentially resulting in a denial of service. Ensure your system is updated immediately.

Severity: Critical. LinuxSecurity.com Team

Oct 29, 2020 Critical Ubuntu

Debian 9: DLA-2414-1 Critical: Fastd Denial Of Service Risk

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2414-1
https://www.debian.org/lts/security/
Sven Eckelmann
October 25, 2020
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package    : fastd
Version    : 18-2+deb9u1
CVE ID     : CVE-2020-27638
Debian Bug : 972521

In fastd, a fast and secure tunnelling daemon, a receive buffer handling problem was discovered which allows a denial of service (memory exhaustion) when receiving packets with an invalid type code.

For Debian 9 stretch, this problem has been fixed in version 18-2+deb9u1.

We recommend that you upgrade your fastd packages.

For the detailed security status of fastd please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/fastd

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

Severity: Critical. LinuxSecurity.com Team

Oct 25, 2020 Critical Debian LTS