Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 668862 (CVE-2018-16151, CVE-2018-16152, CVE-2018-17540)

Summary: <net-vpn/strongswan-5.7.1: multiple vulnerabilities (CVE-2018-{16151,16152,17540})
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: patrick
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B3 [glsa+ cve]
Package list:
net-vpn/strongswan-5.7.1
 Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2018-10-17 10:14:46 UTC 
CVE-2018-17540 (https://nvd.nist.gov/vuln/detail/CVE-2018-17540):
  The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a
  crafted certificate.

CVE-2018-16151 (https://nvd.nist.gov/vuln/detail/CVE-2018-16151):
  In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin
  in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP
  does not reject excess data after the encoded algorithm OID during PKCS#1
  v1.5 signature verification. Similar to the flaw in the same version of
  strongSwan regarding digestAlgorithm.parameters, a remote attacker can forge
  signatures when small public exponents are being used, which could lead to
  impersonation when only an RSA signature is used for IKEv2 authentication.

CVE-2018-16152 (https://nvd.nist.gov/vuln/detail/CVE-2018-16152):
  In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin
  in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP
  does not reject excess data in the digestAlgorithm.parameters field during
  PKCS#1 v1.5 signature verification. Consequently, a remote attacker can
  forge signatures when small public exponents are being used, which could
  lead to impersonation when only an RSA signature is used for IKEv2
  authentication. This is a variant of CVE-2006-4790 and CVE-2014-1568.
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2018-10-17 10:16:58 UTC 
@ Arches,

please test and mark stable: =net-vpn/strongswan-5.7.1
Comment 2 Agostino Sarubbo gentoo-dev 2018-10-17 16:10:45 UTC 
amd64 stable
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2018-10-18 11:32:15 UTC 
x86 stable
Comment 4 Markus Meier gentoo-dev 2018-10-31 17:17:21 UTC 
arm stable
Comment 5 Sergei Trofimovich (RETIRED) gentoo-dev 2018-11-08 08:08:39 UTC 
ppc stable
Comment 6 Thomas Deutschmann (RETIRED) gentoo-dev 2018-11-15 12:33:15 UTC 
GLSA Vote: Yes

New GLSA request filed.
Comment 7 Larry the Git Cow gentoo-dev 2018-11-15 12:35:31 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c0ff4971ff0d25924489c8c968ee96d7d7759d8f

commit c0ff4971ff0d25924489c8c968ee96d7d7759d8f
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2018-11-15 12:35:20 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2018-11-15 12:35:20 +0000

    net-vpn/strongswan: security cleanup
    
    Bug: https://bugs.gentoo.org/668862
    Package-Manager: Portage-2.3.51, Repoman-2.3.12
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 net-vpn/strongswan/Manifest                   |   3 -
 net-vpn/strongswan/strongswan-5.6.0-r1.ebuild | 303 --------------------------
 net-vpn/strongswan/strongswan-5.6.2.ebuild    | 303 --------------------------
 net-vpn/strongswan/strongswan-5.6.3.ebuild    | 303 --------------------------
 4 files changed, 912 deletions(-)
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2018-11-26 18:37:37 UTC 
This issue was resolved and addressed in
 GLSA 201811-16 at https://security.gentoo.org/glsa/201811-16
by GLSA coordinator Aaron Bauman (b-man).