Описание
Security update for strongswan
This update for strongswan fixes the following issues:
Security issues fixed:
- CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket (bsc#1094462).
- CVE-2018-10811: Fixed a denial of service during the IKEv2 key derivation if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF (bsc#1093536).
- CVE-2018-16151,CVE-2018-16152: Fixed multiple flaws in the gmp plugin which might lead to authorization bypass (bsc#1107874).
- CVE-2018-17540: Fixed an improper input validation in gmp plugin (bsc#1109845).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Package Hub 15
Ссылки
- Link for SUSE-SU-2019:3056-1
- E-Mail link for SUSE-SU-2019:3056-1
- SUSE Security Ratings
- SUSE Bug 1093536
- SUSE Bug 1094462
- SUSE Bug 1107874
- SUSE Bug 1109845
- SUSE CVE CVE-2018-10811 page
- SUSE CVE CVE-2018-16151 page
- SUSE CVE CVE-2018-16152 page
- SUSE CVE CVE-2018-17540 page
- SUSE CVE CVE-2018-5388 page
Описание
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.
Затронутые продукты
Ссылки
- CVE-2018-10811
- SUSE Bug 1093536
Описание
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwan regarding digestAlgorithm.parameters, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication.
Затронутые продукты
Ссылки
- CVE-2018-16151
- SUSE Bug 1107874
- SUSE Bug 1109845
Описание
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication. This is a variant of CVE-2006-4790 and CVE-2014-1568.
Затронутые продукты
Ссылки
- CVE-2018-16152
- SUSE Bug 1107874
Описание
The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.
Затронутые продукты
Ссылки
- CVE-2018-17540
- SUSE Bug 1107874
- SUSE Bug 1109845
Описание
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
Затронутые продукты
Ссылки
- CVE-2018-5388
- SUSE Bug 1094462
- SUSE Bug 1101792