Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 899964 (CVE-2023-26463)

Summary: <net-vpn/strongswan-5.9.10: denial of service but possibly even remote code execution
Product: Gentoo Security Reporter: Conrad Kostecki <conikost>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: kernlpanic, proxy-maint, rndxelement
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.strongswan.org/blog/2023/03/02/strongswan-vulnerability-(cve-2023-26463).html
Whiteboard: B2 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on: 904537    
Bug Blocks:    

Description Conrad Kostecki gentoo-dev 2023-03-06 21:51:54 UTC
strongSwan Vulnerability (CVE-2023-26463)

A vulnerability related to certificate verification in TLS-based EAP methods was discovered in strongSwan that results in a denial of service but possibly even remote code execution. Versions 5.9.8 and 5.9.9 may be affected.

A user publicly reported a bug related certificate verification in TLS-based EAP methods that leads to an authentication bypass followed by an expired pointer dereference that results in a denial of service but possibly even remote code execution.

Fixed by 5.9.10 release:
https://www.strongswan.org/blog/2023/03/02/strongswan-5.9.10-released.html
Comment 1 Larry the Git Cow gentoo-dev 2023-03-14 23:14:53 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e946ce4d76ece04b512661469ce5550e1d505ae5

commit e946ce4d76ece04b512661469ce5550e1d505ae5
Author:     Dennis Eisele <kernlpanic@dennis-eisele.de>
AuthorDate: 2023-03-04 13:33:08 +0000
Commit:     Conrad Kostecki <conikost@gentoo.org>
CommitDate: 2023-03-14 23:12:01 +0000

    net-vpn/strongswan: version bump to 5.9.10
    
    Bug: https://bugs.gentoo.org/899964
    Signed-off-by: Dennis Eisele <kernlpanic@dennis-eisele.de>
    Closes: https://github.com/gentoo/gentoo/pull/29924
    Signed-off-by: Conrad Kostecki <conikost@gentoo.org>

 net-vpn/strongswan/Manifest                 |   1 +
 net-vpn/strongswan/strongswan-5.9.10.ebuild | 318 ++++++++++++++++++++++++++++
 2 files changed, 319 insertions(+)
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-04-19 04:11:51 UTC
Thanks!
Comment 3 Hans de Graaff gentoo-dev Security 2023-10-08 10:41:37 UTC
Ping. Please clean up vulnerable versions 5.9.8 and 5.9.9.
Comment 4 Larry the Git Cow gentoo-dev 2023-10-08 21:51:48 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=328181b0a39b56600ebba16a15ab14e3e4954b85

commit 328181b0a39b56600ebba16a15ab14e3e4954b85
Author:     Conrad Kostecki <conikost@gentoo.org>
AuthorDate: 2023-10-08 21:50:15 +0000
Commit:     Conrad Kostecki <conikost@gentoo.org>
CommitDate: 2023-10-08 21:51:41 +0000

    net-vpn/strongswan: drop 5.9.8, 5.9.9, 5.9.10
    
    Bug: https://bugs.gentoo.org/899964
    Signed-off-by: Conrad Kostecki <conikost@gentoo.org>

 net-vpn/strongswan/Manifest                 |   3 -
 net-vpn/strongswan/strongswan-5.9.10.ebuild | 318 ----------------------------
 net-vpn/strongswan/strongswan-5.9.8.ebuild  | 318 ----------------------------
 net-vpn/strongswan/strongswan-5.9.9.ebuild  | 318 ----------------------------
 4 files changed, 957 deletions(-)
Comment 5 Larry the Git Cow gentoo-dev 2024-05-04 09:06:11 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=5c311dfaab4c0172a4524ae5860106bcac33a694

commit 5c311dfaab4c0172a4524ae5860106bcac33a694
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-05-04 09:05:41 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-05-04 09:06:06 +0000

    [ GLSA 202405-08 ] strongSwan: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/818841
    Bug: https://bugs.gentoo.org/832460
    Bug: https://bugs.gentoo.org/878887
    Bug: https://bugs.gentoo.org/899964
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202405-08.xml | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)