Buffer Overflow

2023-11-2806:31:24

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

strongswan

buffer overflow

charon-tkm

ike daemon

denial of service

diffie-hellman

stack buffer

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.8%

JSON

strongswan is vulnerable to Buffer Overflow. The vulnerability is due to charon-tkm version of the charon IKE daemon doesn’t properly check the length of received Diffie-Hellman public values before copying them to a fixed-size buffer on the stack. This potentially leads to a buffer overflow and Denial of service.

CPENameOperatorVersion
strongswan:sideq5.9.1-1
strongswan:3.19eq5.9.11-r1
strongswan:3.18eq5.9.10-r1
strongswan:3.17eq5.9.8-r0
strongswan:3.17eq5.9.8-r1
strongswan:edgeeq5.9.7-r1
strongswan:edgeeq5.9.6-r0
strongswan:edgeeq5.9.5-r1
strongswan:edgeeq5.9.5-r0
strongswan:edgeeq5.9.1-r4

Name	Operator	Version
strongswan:sid	eq	5.9.1-1
strongswan:3.19	eq	5.9.11-r1
strongswan:3.18	eq	5.9.10-r1
strongswan:3.17	eq	5.9.8-r0
strongswan:3.17	eq	5.9.8-r1
strongswan:edge	eq	5.9.7-r1
strongswan:edge	eq	5.9.6-r0
strongswan:edge	eq	5.9.5-r1
strongswan:edge	eq	5.9.5-r0
strongswan:edge	eq	5.9.1-r4