SB2017053126 - Improper input validation in strongswan (Alpine package)
Published: May 31, 2017
Security Bulletin ID
SB2017053126
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper input validation (CVE-ID: CVE-2017-9023)
ASN.1 CHOICE types are not correctly handled by the ASN.1 parser in strongSwan when parsing X.509 certificates with extensions that use such types. This could lead to infinite looping of the thread parsing a specifically crafted certificate.Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=b5b340734c9f745798a1e735a1b11710ef301237
- https://git.alpinelinux.org/aports/commit/?id=b2909ae5d93989f6f7aa2506a963bb8061269792
- https://git.alpinelinux.org/aports/commit/?id=f48354faeaa48613ec150ba912a378e92d8fd969
- https://git.alpinelinux.org/aports/commit/?id=ed2876361e4be4201d60d14712478e77f83a87e6
- https://git.alpinelinux.org/aports/commit/?id=c230c56fced0fa200359730435bbce4792cd3e11
- https://git.alpinelinux.org/aports/commit/?id=7fc2f4d05809912063bfe8a962dc13d5ddedede5
- https://git.alpinelinux.org/aports/commit/?id=ac75b4cf5fdcc373908bd64393d0be391b2edb34
- https://git.alpinelinux.org/aports/commit/?id=73c141f3470739c757e59dc00b5a6c58861f9365
- https://git.alpinelinux.org/aports/commit/?id=9a6a7cfb656f54db0871293e52cee189cab41be3
- https://git.alpinelinux.org/aports/commit/?id=b9f9484b5a7eb04f6f3f67df3e650e9b4433e99b
- https://git.alpinelinux.org/aports/commit/?id=82ccbbfff5cbbf01b74519ddd9bc16c487b449e6
- https://git.alpinelinux.org/aports/commit/?id=f647e2d3d31f6c5e3c4f4f41bfbee7eea8d02271