strongswan: Multiple vulnerabilities (CVE-2017-9022, CVE-2017-9023)
CVE-2017-9022: Insufficient validation of RSA public keys passed to the gmp plugin
RSA public keys passed to the gmp plugin aren’t validated sufficiently
before attempting signature verification, so that invalid input might
lead to a floating point
exception and crash of the process. A certificate with an appropriately
prepared public key sent by a peer could be used for a denial-of-service
attack.
Affected versions:
All versions since 4.4.0, up to and including 5.5.2.
Fixed In Version:
strongswan 5.5.3
References:
https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9022).html
Patches:
https://download.strongswan.org/security/CVE-2017-9022/
CVE-2017-9023: Incorrect Handling of CHOICE types in ASN.1 parser and x509 plugin
ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when
parsing X.509 certificates with extensions that use such types.
This could lead to infinite looping of the thread parsing a specifically
crafted certificate.
Affected versions:
All strongSwan versions up to and including 5.5.2
Fixed In Version:
strongswan 5.5.3
References:
https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9023).html
Patches:
https://download.strongswan.org/security/CVE-2017-9023/
(from redmine: issue id 7346, created on 2017-05-31, closed on 2017-06-15)
- Relations:
- child #7347 (closed)
- child #7348 (closed)
- child #7349 (closed)
- child #7350 (closed)