SB2017053009 - Ubuntu update for strongSwan
Published: May 30, 2017 Updated: June 2, 2017
Security Bulletin ID
SB2017053009
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Improper input validation (CVE-ID: CVE-2017-9022)
CWE-ID: CWE-20 - Improper input validation
CVSSv4:
RSA public keys passed to the gmp plugin in strongSwan aren't validated sufficiently before attempting signature verification, so that invalid input might lead to a floating point exception and crash of the process. A certificate with an appropriately prepared public key sent by a peer could be used for a denial-of-service attack.
2) Improper input validation (CVE-ID: CVE-2017-9023)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
ASN.1 CHOICE types are not correctly handled by the ASN.1 parser in strongSwan when parsing X.509 certificates with extensions that use such types. This could lead to infinite looping of the thread parsing a specifically crafted certificate.
Remediation
Install update from vendor's website.