Описание
Security update for strongswan
This update for strongswan fixes the following issues:
- CVE-2023-41913: Fixed a bug in charon-tkm related to handling DH public values that can lead to remote code execution (bsc#1216901).
Список пакетов
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
strongswan-5.8.2-150000.4.23.2
strongswan-doc-5.8.2-150000.4.23.2
strongswan-hmac-5.8.2-150000.4.23.2
strongswan-ipsec-5.8.2-150000.4.23.2
strongswan-libs0-5.8.2-150000.4.23.2
SUSE Linux Enterprise Server 15 SP1-LTSS
strongswan-5.8.2-150000.4.23.2
strongswan-doc-5.8.2-150000.4.23.2
strongswan-hmac-5.8.2-150000.4.23.2
strongswan-ipsec-5.8.2-150000.4.23.2
strongswan-libs0-5.8.2-150000.4.23.2
SUSE Linux Enterprise Server for SAP Applications 15 SP1
strongswan-5.8.2-150000.4.23.2
strongswan-doc-5.8.2-150000.4.23.2
strongswan-hmac-5.8.2-150000.4.23.2
strongswan-ipsec-5.8.2-150000.4.23.2
strongswan-libs0-5.8.2-150000.4.23.2
Ссылки
- Link for SUSE-SU-2023:4516-1
- E-Mail link for SUSE-SU-2023:4516-1
- SUSE Security Ratings
- SUSE Bug 1216901
- SUSE CVE CVE-2023-41913 page
Описание
strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-5.8.2-150000.4.23.2
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-doc-5.8.2-150000.4.23.2
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-hmac-5.8.2-150000.4.23.2
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:strongswan-ipsec-5.8.2-150000.4.23.2
Ссылки
- CVE-2023-41913
- SUSE Bug 1216901