CVE-2018-6459

2018-02-2015:29:00

Debian Security Bug Tracker

security-tracker.debian.org

0.004 Low

EPSS

Percentile

73.9%

JSON

The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter.

OSVersionArchitecturePackageVersionFilename
Debian12allstrongswan< 5.6.2-1strongswan_5.6.2-1_all.deb
Debian11allstrongswan< 5.6.2-1strongswan_5.6.2-1_all.deb
Debian10allstrongswan< 5.6.2-1strongswan_5.6.2-1_all.deb
Debian999allstrongswan< 5.6.2-1strongswan_5.6.2-1_all.deb
Debian13allstrongswan< 5.6.2-1strongswan_5.6.2-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	strongswan	< 5.6.2-1	strongswan_5.6.2-1_all.deb
Debian	11	all	strongswan	< 5.6.2-1	strongswan_5.6.2-1_all.deb
Debian	10	all	strongswan	< 5.6.2-1	strongswan_5.6.2-1_all.deb
Debian	999	all	strongswan	< 5.6.2-1	strongswan_5.6.2-1_all.deb
Debian	13	all	strongswan	< 5.6.2-1	strongswan_5.6.2-1_all.deb

0.004 Low

EPSS

Percentile

73.9%

JSON

Related for DEBIANCVE:CVE-2018-6459