Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-4989-1:FD5CE
HistoryOct 18, 2021 - 7:17 p.m.

[SECURITY] [DSA 4989-1] strongswan security update

2021-10-1819:17:03
lists.debian.org
10

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.061 Low

EPSS

Percentile

93.4%

JSON

Debian Security Advisory DSA-4989-1 [email protected]
https://www.debian.org/security/ Yves-Alexis Perez
October 18, 2021 https://www.debian.org/security/faq

Package : strongswan
CVE ID : CVE-2021-41990 CVE-2021-41991

Researchers at the United States of America National Security Agency (NSA)
identified two denial of services vulnerability in strongSwan, an IKE/IPsec
suite.

CVE-2021-41990

RSASSA-PSS signatures whose parameters define a very high salt length can
trigger an integer overflow that can lead to a segmentation fault.
.
Generating a signature that bypasses the padding check to trigger the crash
requires access to the private key that signed the certificate.  However,
the certificate does not have to be trusted.  Because the gmp and the
openssl plugins both check if a parsed certificate is self-signed (and the
signature is valid), this can e.g.  be triggered by an unrelated
self-signed CA certificate sent by an initiator.

CVE-2021-41991

Once the in-memory certificate cache is full it tries to randomly replace
lesser used entries. Depending on the generated random value, this could
lead to an integer overflow that results in a double-dereference and a call
using out-of-bounds memory that most likely leads to a segmentation fault.
.
Remote code execution can't be ruled out completely, but attackers have no
control over the dereferenced memory, so it seems unlikely at this point.

For the oldstable distribution (buster), these problems have been fixed
in version 5.7.2-1+deb10u1.

For the stable distribution (bullseye), these problems have been fixed in
version 5.9.1-1+deb11u1.

We recommend that you upgrade your strongswan packages.

For the detailed security status of strongswan please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/strongswan

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian10mipselstrongswan-charon-dbgsym< 5.7.2-1+deb10u1strongswan-charon-dbgsym_5.7.2-1+deb10u1_mipsel.deb
Debian9armhfstrongswan-scepclient< 5.5.1-4+deb9u5strongswan-scepclient_5.5.1-4+deb9u5_armhf.deb
Debian10s390xlibstrongswan< 5.7.2-1+deb10u1libstrongswan_5.7.2-1+deb10u1_s390x.deb
Debian11armhfstrongswan-swanctl< 5.9.1-1+deb11u1strongswan-swanctl_5.9.1-1+deb11u1_armhf.deb
Debian10amd64charon-cmd< 5.7.2-1+deb10u1charon-cmd_5.7.2-1+deb10u1_amd64.deb
Debian10arm64strongswan-nm-dbgsym< 5.7.2-1+deb10u1strongswan-nm-dbgsym_5.7.2-1+deb10u1_arm64.deb
Debian10arm64charon-cmd< 5.7.2-1+deb10u1charon-cmd_5.7.2-1+deb10u1_arm64.deb
Debian11mipselstrongswan-swanctl< 5.9.1-1+deb11u1strongswan-swanctl_5.9.1-1+deb11u1_mipsel.deb
Debian10armhfstrongswan-starter-dbgsym< 5.7.2-1+deb10u1strongswan-starter-dbgsym_5.7.2-1+deb10u1_armhf.deb
Debian10mipslibstrongswan-standard-plugins< 5.7.2-1+deb10u1libstrongswan-standard-plugins_5.7.2-1+deb10u1_mips.deb
Rows per page:
1-10 of 5831

Related

nessus 15
openvas 16
osv 6
freebsd 1
suse 2
ubuntu 2
fedora 3
rosalinux 1
veracode 2
ubuntucve 2
cbl_mariner 4
debian 1
prion 2
cve 2
redhatcve 2
debiancve 2
alpinelinux 2
photon 4
nessus
nessus
SUSE SLED15 / SLES15 Security Update : strongswan (SUSE-SU-2021:3467-1)
2021-10-20 00:00:00
openSUSE 15 Security Update : strongswan (openSUSE-SU-2021:1399-1)
2021-11-01 00:00:00
FreeBSD : strongswan - denial-of-service vulnerability in the gmp plugin/denial-of-service vulnerability in the in-memory certificate cache (58528a94-5100-4208-a04d-edc01598cf01)
2022-01-30 00:00:00
openvas
openvas
Fedora: Security Advisory for strongswan (FEDORA-2021-0b37146973)
2021-10-30 00:00:00
Debian: Security Advisory (DSA-4989-1)
2021-10-20 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:3469-1)
2021-10-20 00:00:00
osv
osv
strongswan vulnerabilities
2021-10-19 10:54:55
strongswan - security update
2021-10-18 00:00:00
CVE-2021-41990
2021-10-18 14:15:10
freebsd
freebsd
strongswan - denial-of-service vulnerability in the gmp plugin/denial-of-service vulnerability in the in-memory certificate cache
2021-10-04 00:00:00
suse
suse
Security update for strongswan (important)
2021-10-31 00:00:00
Security update for strongswan (important)
2021-10-19 00:00:00
ubuntu
ubuntu
strongSwan vulnerabilities
2021-10-19 00:00:00
strongSwan vulnerability
2021-10-19 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: strongswan-5.9.4-1.fc33
2021-10-28 19:31:43
[SECURITY] Fedora 34 Update: strongswan-5.9.4-1.fc34
2021-10-28 19:32:34
[SECURITY] Fedora 35 Update: strongswan-5.9.4-1.fc35
2021-10-29 23:29:36
rosalinux
rosalinux
Advisory ROSA-SA-2023-2274
2023-10-22 06:24:16
veracode
veracode
Denial Of Service (DoS)
2021-10-19 22:00:55
Denial Of Service (DoS)
2021-10-19 22:00:56
ubuntucve
ubuntucve
CVE-2021-41990
2021-10-18 00:00:00
CVE-2021-41991
2021-10-18 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-41990 affecting package strongswan 5.9.3-1
2022-04-26 20:17:10
CVE-2021-41990 affecting package strongswan 5.7.2-6
2021-11-06 00:29:52
CVE-2021-41991 affecting package strongswan 5.7.2-6
2021-11-06 00:29:52
debian
debian
[SECURITY] [DLA 2788-1] strongswan security update
2021-10-19 22:36:40
prion
prion
Integer overflow
2021-10-18 14:15:00
Integer overflow
2021-10-18 14:15:00
cve
cve
CVE-2021-41990
2021-10-18 14:15:00
CVE-2021-41991
2021-10-18 14:15:00
redhatcve
redhatcve
CVE-2021-41990
2021-10-19 16:44:17
CVE-2021-41991
2021-10-19 16:53:54
debiancve
debiancve
CVE-2021-41990
2021-10-18 14:15:00
CVE-2021-41991
2021-10-18 14:15:00
alpinelinux
alpinelinux
CVE-2021-41990
2021-10-18 14:15:00
CVE-2021-41991
2021-10-18 14:15:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0446
2021-10-26 00:00:00
Important Photon OS Security Update - PHSA-2021-3.0-0320
2021-10-28 00:00:00
Important Photon OS Security Update - PHSA-2021-4.0-0119
2021-10-27 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.061 Low

EPSS

Percentile

93.4%

JSON
Related for DEBIAN:DSA-4989-1:FD5CE
nessus15openvas16osv6freebsd1suse2ubuntu2fedora3rosalinux1veracode2ubuntucve2cbl_mariner4debian1prion2cve2redhatcve2debiancve2alpinelinux2photon4