Описание
Security update for strongswan
This update for strongswan fixes the following issues:
- CVE-2023-41913: Fixed a bug in charon-tkm related to handling DH public values that can lead to remote code execution (bsc#1216901).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP5
strongswan-5.9.11-150500.5.6.1
strongswan-doc-5.9.11-150500.5.6.1
strongswan-hmac-5.9.11-150500.5.6.1
strongswan-ipsec-5.9.11-150500.5.6.1
strongswan-libs0-5.9.11-150500.5.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP5
strongswan-nm-5.9.11-150500.5.6.1
SUSE Linux Enterprise Workstation Extension 15 SP5
strongswan-nm-5.9.11-150500.5.6.1
openSUSE Leap 15.5
strongswan-5.9.11-150500.5.6.1
strongswan-doc-5.9.11-150500.5.6.1
strongswan-hmac-5.9.11-150500.5.6.1
strongswan-ipsec-5.9.11-150500.5.6.1
strongswan-libs0-5.9.11-150500.5.6.1
strongswan-mysql-5.9.11-150500.5.6.1
strongswan-nm-5.9.11-150500.5.6.1
strongswan-sqlite-5.9.11-150500.5.6.1
Ссылки
- Link for SUSE-SU-2023:4529-1
- E-Mail link for SUSE-SU-2023:4529-1
- SUSE Security Ratings
- SUSE Bug 1216901
- SUSE CVE CVE-2023-41913 page
Описание
strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP5:strongswan-5.9.11-150500.5.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP5:strongswan-doc-5.9.11-150500.5.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP5:strongswan-hmac-5.9.11-150500.5.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP5:strongswan-ipsec-5.9.11-150500.5.6.1
Ссылки
- CVE-2023-41913
- SUSE Bug 1216901