strongswan: heap buffer overflow using crafted certificates (CVE-2018-17540)
The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a
crafted certificate,
the vulnerability was introduced with the patch that fixes
CVE-2018-16151/2.
References:
https://www.strongswan.org/blog/2018/10/01/strongswan-vulnerability-(cve-2018-17540).html
https://nvd.nist.gov/vuln/detail/CVE-2018-17540
(from redmine: issue id 9515, created on 2018-10-08, closed on 2018-10-09)
- Relations:
- child #9516 (closed)
- child #9517 (closed)
- child #9518 (closed)
- child #9519 (closed)