SB2024081001 - Fedora EPEL 10.0 update for strongswan

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024081001

SB2024081001 - Fedora EPEL 10.0 update for strongswan

Published: August 10, 2024

Security Bulletin ID SB2024081001
Severity
High
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2023-41913)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in the TKM-backed version of the charon IKE daemon due to a missing check for DH Public Values in charon-tkm. A remote attacker can send specially crafted data to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Expired pointer dereference (CVE-ID: CVE-2023-26463)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to an error in libtls implementation that treats the public key from the peer's certificate as trusted, even if the certificate can't be verified successfully. A remote attacker can supply a self-signed certificate to a server that authenticates clients with a TLS-based EAP method like EAP-TLS, trigger an expired pointer dereference and crash the server or execute arbitrary code.


Remediation

Install update from vendor's website.

References