[USN-3771-1] strongSwan vulnerabilities
marc.deslauriers at canonical.com
Tue Sep 25 14:07:43 UTC 2018
Ubuntu Security Notice USN-3771-1
September 25, 2018
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Several security issues were fixed in strongSwan.
- strongswan: IPsec VPN solution
It was discovered that strongSwan incorrectly handled IKEv2 key derivation.
A remote attacker could possibly use this issue to cause strongSwan to
crash, resulting in a denial of service. (CVE-2018-10811)
Sze Yiu Chau discovered that strongSwan incorrectly handled parsing OIDs in
the gmp plugin. A remote attacker could possibly use this issue to bypass
Sze Yiu Chau discovered that strongSwan incorrectly handled certain
parameters fields in the gmp plugin. A remote attacker could possibly use
this issue to bypass authorization. (CVE-2018-16152)
It was discovered that strongSwan incorrectly handled the stroke plugin. A
local administrator could use this issue to cause a denial of service, or
possibly execute arbitrary code. (CVE-2018-5388)
The problem can be corrected by updating your system to the following
Ubuntu 18.04 LTS:
Ubuntu 16.04 LTS:
Ubuntu 14.04 LTS:
In general, a standard system update will make all the necessary changes.
CVE-2018-10811, CVE-2018-16151, CVE-2018-16152, CVE-2018-5388
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the ubuntu-security-announce