Strongswan Strongswan

Do you want an email whenever new security vulnerabilities are reported in Strongswan?

By the Year

In 2021 there have been 2 vulnerabilities in Strongswan with an average score of 7.5 out of ten. Strongswan did not have any published security vulnerabilities last year. That is, 2 more vulnerabilities have already been reported in 2021 as compared to last year.

Year Vulnerabilities Average Score
2021 2 7.50
2020 0 0.00
2019 1 3.10
2018 6 6.97

It may take a day or so for new Strongswan vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Strongswan Security Vulnerabilities

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries

CVE-2021-41991 7.5 - High - October 18, 2021

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility.

Integer Overflow or Wraparound

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature

CVE-2021-41990 7.5 - High - October 18, 2021

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur.

Integer Overflow or Wraparound

The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets

CVE-2019-10155 3.1 - Low - June 12, 2019

The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.

Improper Input Validation

The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow

CVE-2018-17540 7.5 - High - October 03, 2018

The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.

Buffer Overflow

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0

CVE-2018-16151 7.5 - High - September 26, 2018

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwan regarding digestAlgorithm.parameters, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication.

Improper Verification of Cryptographic Signature

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0

CVE-2018-16152 7.5 - High - September 26, 2018

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication. This is a variant of CVE-2006-4790 and CVE-2014-1568.

Improper Verification of Cryptographic Signature

strongSwan 5.6.0 and older

CVE-2018-10811 7.5 - High - June 19, 2018

strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.

Missing Initialization of Resource

In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could

CVE-2018-5388 6.5 - Medium - May 31, 2018

In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.

Memory Corruption

The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature

CVE-2018-6459 5.3 - Medium - February 20, 2018

The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter.

Improper Verification of Cryptographic Signature

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Strongswan or by Strongswan? Click the Watch button to subscribe.

Strongswan
Vendor

Strongswan
Product

subscribe