| Summary: | <net-misc/strongswan-5.1.3: "ID_DER_ASN1_DN" ID Payload Parsing Denial of Service Vulnerability (CVE-2014-2891) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | CC: | gurligebis, patrick |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://secunia.com/advisories/58398/ | ||
| Whiteboard: | B3 [glsa] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 507722 | ||
| Bug Blocks: | |||
The 5.1.3 version is already in the tree, and only the PPC arch is missing from stable. So if just PPC could stabilize it, we can remove the 5.1.1 version completely, and be done. Versions since 4.3.3 and before 5.1.2 are affected. 5.1.3 is being stabilized as part of Bug 507722. Setting as blocker. Old version has been removed, so now only the fixed version is in the tree. CVE-2014-2891 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2891): strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload. Arches and Mainter(s), Thank you for your work. Added to an existing GLSA request. This issue was resolved and addressed in GLSA 201412-26 at http://security.gentoo.org/glsa/glsa-201412-26.xml by GLSA coordinator Sean Amoss (ackle). |
From ${URL} : Description A vulnerability has been reported in strongSwan, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "asn1_unwrap()" function (src/libstrongswan/asn1/asn1.c) when parsing "ID_DER_ASN1_DN" ID payload and can be exploited to cause a crash via a specially crafted request. The vulnerability is reported in versions 4.3.3 and later. Solution: Apply patches. Further details available to Secunia VIM customers Provided and/or discovered by: Reported by the vendor. Original Advisory: http://strongswan.org/blog/2014/05/05/strongswan-denial-of-service-vulnerability-(cve-2014-2891).html @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.