Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 668862 (CVE-2018-16151, CVE-2018-16152, CVE-2018-17540) - <net-vpn/strongswan-5.7.1: multiple vulnerabilities (CVE-2018-{16151,16152,17540})
Summary: <net-vpn/strongswan-5.7.1: multiple vulnerabilities (CVE-2018-{16151,16152,17...
Status: RESOLVED FIXED
Alias: CVE-2018-16151, CVE-2018-16152, CVE-2018-17540
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-10-17 10:14 UTC by GLSAMaker/CVETool Bot
Modified: 2018-11-26 18:37 UTC (History)
1 user (show)

See Also:
Package list:
net-vpn/strongswan-5.7.1
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2018-10-17 10:14:46 UTC
CVE-2018-17540 (https://nvd.nist.gov/vuln/detail/CVE-2018-17540):
  The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a
  crafted certificate.

CVE-2018-16151 (https://nvd.nist.gov/vuln/detail/CVE-2018-16151):
  In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin
  in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP
  does not reject excess data after the encoded algorithm OID during PKCS#1
  v1.5 signature verification. Similar to the flaw in the same version of
  strongSwan regarding digestAlgorithm.parameters, a remote attacker can forge
  signatures when small public exponents are being used, which could lead to
  impersonation when only an RSA signature is used for IKEv2 authentication.

CVE-2018-16152 (https://nvd.nist.gov/vuln/detail/CVE-2018-16152):
  In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin
  in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP
  does not reject excess data in the digestAlgorithm.parameters field during
  PKCS#1 v1.5 signature verification. Consequently, a remote attacker can
  forge signatures when small public exponents are being used, which could
  lead to impersonation when only an RSA signature is used for IKEv2
  authentication. This is a variant of CVE-2006-4790 and CVE-2014-1568.
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2018-10-17 10:16:58 UTC
@ Arches,

please test and mark stable: =net-vpn/strongswan-5.7.1
Comment 2 Agostino Sarubbo gentoo-dev 2018-10-17 16:10:45 UTC
amd64 stable
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2018-10-18 11:32:15 UTC
x86 stable
Comment 4 Markus Meier gentoo-dev 2018-10-31 17:17:21 UTC
arm stable
Comment 5 Sergei Trofimovich (RETIRED) gentoo-dev 2018-11-08 08:08:39 UTC
ppc stable
Comment 6 Thomas Deutschmann (RETIRED) gentoo-dev 2018-11-15 12:33:15 UTC
GLSA Vote: Yes

New GLSA request filed.
Comment 7 Larry the Git Cow gentoo-dev 2018-11-15 12:35:31 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c0ff4971ff0d25924489c8c968ee96d7d7759d8f

commit c0ff4971ff0d25924489c8c968ee96d7d7759d8f
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2018-11-15 12:35:20 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2018-11-15 12:35:20 +0000

    net-vpn/strongswan: security cleanup
    
    Bug: https://bugs.gentoo.org/668862
    Package-Manager: Portage-2.3.51, Repoman-2.3.12
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 net-vpn/strongswan/Manifest                   |   3 -
 net-vpn/strongswan/strongswan-5.6.0-r1.ebuild | 303 --------------------------
 net-vpn/strongswan/strongswan-5.6.2.ebuild    | 303 --------------------------
 net-vpn/strongswan/strongswan-5.6.3.ebuild    | 303 --------------------------
 4 files changed, 912 deletions(-)
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2018-11-26 18:37:37 UTC
This issue was resolved and addressed in
 GLSA 201811-16 at https://security.gentoo.org/glsa/201811-16
by GLSA coordinator Aaron Bauman (b-man).