rpm package
opensuse/strongswan&distro=openSUSE Leap 15.1
pkg:rpm/opensuse/strongswan&distro=openSUSE%20Leap%2015.1
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-17540 | — | < 5.6.0-lp151.4.3.1 | 5.6.0-lp151.4.3.1 | Oct 3, 2018 | The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. | ||
| CVE-2018-16152 | — | < 5.6.0-lp151.4.3.1 | 5.6.0-lp151.4.3.1 | Sep 26, 2018 | In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a re | ||
| CVE-2018-16151 | — | < 5.6.0-lp151.4.3.1 | 5.6.0-lp151.4.3.1 | Sep 26, 2018 | In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the | ||
| CVE-2018-10811 | — | < 5.6.0-lp151.4.3.1 | 5.6.0-lp151.4.3.1 | Jun 19, 2018 | strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. | ||
| CVE-2018-5388 | — | < 5.6.0-lp151.4.3.1 | 5.6.0-lp151.4.3.1 | May 31, 2018 | In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. | ||
| CVE-2018-6459 | — | < 5.8.2-lp151.4.6.1 | 5.8.2-lp151.4.6.1 | Feb 20, 2018 | The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter. |
- CVE-2018-17540Oct 3, 2018affected < 5.6.0-lp151.4.3.1fixed 5.6.0-lp151.4.3.1
The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.
- CVE-2018-16152Sep 26, 2018affected < 5.6.0-lp151.4.3.1fixed 5.6.0-lp151.4.3.1
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a re
- CVE-2018-16151Sep 26, 2018affected < 5.6.0-lp151.4.3.1fixed 5.6.0-lp151.4.3.1
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the
- CVE-2018-10811Jun 19, 2018affected < 5.6.0-lp151.4.3.1fixed 5.6.0-lp151.4.3.1
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.
- CVE-2018-5388May 31, 2018affected < 5.6.0-lp151.4.3.1fixed 5.6.0-lp151.4.3.1
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
- CVE-2018-6459Feb 20, 2018affected < 5.8.2-lp151.4.6.1fixed 5.8.2-lp151.4.6.1
The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter.