Bug #7347

Bug #7346: strongswan: Multiple vulnerabilities (CVE-2017-9022, CVE-2017-9023)

[3.6] strongswan: Multiple vulnerabilities (CVE-2017-9022, CVE-2017-9023)

Added by Alicha CH about 2 years ago. Updated about 2 years ago.

Status: Closed
Priority: Normal
Assignee:
Category: Security
Target version:
Start date: 05/31/2017
Due date:
% Done: 100%
Estimated time:
Affected versions:
Security IDs:

Description

CVE-2017-9022: Insufficient validation of RSA public keys passed to the gmp plugin

RSA public keys passed to the gmp plugin aren't validated sufficiently before attempting signature verification, so that invalid input might lead to a floating point exception and crash of the process. A certificate with an appropriately prepared public key sent by a peer could be used for a denial-of-service attack.

Affected versions:

All versions since 4.4.0, up to and including 5.5.2.

Fixed In Version:

strongswan 5.5.3

References:

https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9022).html

Patches:

https://download.strongswan.org/security/CVE-2017-9022/

CVE-2017-9023: Incorrect Handling of CHOICE types in ASN.1 parser and x509 plugin

ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when parsing X.509 certificates with extensions that use such types. This could lead to infinite looping of the thread parsing a specifically crafted certificate.

Affected versions:

All strongSwan versions up to and including 5.5.2

Fixed In Version:

strongswan 5.5.3

References:

https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9023).html

Patches:

https://download.strongswan.org/security/CVE-2017-9023/

Associated revisions

Revision f647e2d3 (diff)
Added by Natanael Copa about 2 years ago

main/strongswan: security upgrade to 5.5.3 (CVE-2017-9022,CVE-2017-9023)

fixes #7347

History

#1 Updated by Natanael Copa about 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Alicha CH about 2 years ago

  • Category set to Security
  • Status changed from Resolved to Closed
