Gentoo update for strongSwan



Risk: High
Patch available: YES
Number of vulnerabilities: 4
CVE-ID: CVE-2021-41991, CVE-2021-45079, CVE-2022-40617, CVE-2023-26463
CWE-ID: CWE-190, CWE-371, CWE-295, CWE-825
Exploitation vector: Network
Public exploit: N/A
Vulnerable software:
Gentoo Linux (Operating systems & Components / Operating system)
net-vpn/strongswan (Operating systems & Components / Operating system package or component)
Vendor: Gentoo

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Integer overflow

EUVDB-ID: #VU57553

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2021-41991

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an integer overflow when processing multiple requests with different certificates. A remote attacker can send specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Mitigation

Update the affected packages: net-vpn/strongswan to version 5.9.10.

Vulnerable software versions

Gentoo Linux: All versions

net-vpn/strongswan: before 5.9.10

External links

https://security.gentoo.org/glsa/202405-08


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) State Issues

EUVDB-ID: #VU59994

Risk: High

CVSSv4.0: 6.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2021-45079

CWE-ID: CWE-371 - State Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication.

The vulnerability exists due to improper handling of EAP-Success messages. A remote attacker can send a specially crafted (early) EAP-Success message to the affected system and bypass authentication or perform a denial of service attack.

Mitigation

Update the affected packages: net-vpn/strongswan to version 5.9.10.

Vulnerable software versions

Gentoo Linux: All versions

net-vpn/strongswan: before 5.9.10

External links

https://security.gentoo.org/glsa/202405-08


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper Certificate Validation

EUVDB-ID: #VU67813

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-40617

CWE-ID: CWE-295 - Improper Certificate Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error within the revocation plugin, which uses potentially untrusted OCSP URIs and CRL distribution points (CDP) in certificates. A remote attacker can initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control. As a result, a remote attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages: net-vpn/strongswan to version 5.9.10.

Vulnerable software versions

Gentoo Linux: All versions

net-vpn/strongswan: before 5.9.10

External links

https://security.gentoo.org/glsa/202405-08


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Expired pointer dereference

EUVDB-ID: #VU79677

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-26463

CWE-ID: CWE-825 - Expired pointer dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to an error in the libtls implementation, which treats the public key from the peer's certificate as trusted even if the certificate can't be verified successfully. A remote attacker can supply a self-signed certificate to a server that authenticates clients with a TLS-based EAP method like EAP-TLS, trigger an expired pointer dereference and crash the server or execute arbitrary code.

Mitigation

Update the affected packages: net-vpn/strongswan to version 5.9.10.

Vulnerable software versions

Gentoo Linux: All versions

net-vpn/strongswan: before 5.9.10

External links

https://security.gentoo.org/glsa/202405-08


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
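
All four entries above are fixed by the same update, so one version check covers them; the following is an added example, not part of the original bulletin, that flags net-vpn/strongswan package atoms older than 5.9.10. It assumes atoms in the form printed by `qlist -Iv` (from app-portage/portage-utils) and a `sort` that supports `-V`; the sample atoms are constructed.

```shell
#!/bin/sh
# Added example: flag strongSwan installs older than the fixed version
# named in this bulletin. Not taken from the bulletin or from Gentoo.
FIXED="5.9.10"   # fixed version stated in the bulletin

# Strip the category/name prefix and the Gentoo revision suffix (-rN),
# e.g. "net-vpn/strongswan-5.9.8-r1" -> "5.9.8".
atom_version() {
    printf '%s\n' "$1" | sed -e 's|^net-vpn/strongswan-||' -e 's|-r[0-9][0-9]*$||'
}

# Return 0 (true) when version $1 sorts strictly before $FIXED.
# A plain string comparison would get this wrong ("5.9.8" > "5.9.10"
# lexically), so the comparison uses version-aware sort.
is_before_fixed() {
    [ "$1" = "$FIXED" ] && return 1
    lowest=$(printf '%s\n%s\n' "$1" "$FIXED" | sort -V | head -n 1)
    [ "$lowest" = "$1" ]
}

# Classify one atom: prints "VULNERABLE <atom>" or "OK <atom>".
check_atom() {
    v=$(atom_version "$1")
    if is_before_fixed "$v"; then
        echo "VULNERABLE $1"
    else
        echo "OK $1"
    fi
}

# On a live system (assumption: qlist is installed):
#   qlist -Iv net-vpn/strongswan | while read -r a; do check_atom "$a"; done
# Constructed sample atoms so the script runs offline:
for a in net-vpn/strongswan-5.9.8-r1 \
         net-vpn/strongswan-5.9.10 \
         net-vpn/strongswan-5.9.11-r2; do
    check_atom "$a"
done
```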


