Arch Linux Security Advisory ASA-201805-26
=========================================
Severity: Low
Date    : 2018-05-26
CVE-ID  : CVE-2018-5388
Package : strongswan
Type    : denial of service
Remote  : No
Link    : https://security.archlinux.org/AVG-710

Summary
======
The package strongswan before version 5.6.2-2 is vulnerable to denial
of service.

Resolution
=========
Upgrade to 5.6.2-2.

# pacman -Syu "strongswan>=5.6.2-2"

The problem has been fixed upstream but no release is available yet.

Workaround
=========
None.

Description
==========
strongSwan VPN's charon server prior to version 5.6.3 is missing a
packet length check in stroke_socket.c, allowing a buffer overflow
which may lead to resource exhaustion and denial of service while
reading from the socket.
According to the vendor, an attacker must typically have local root
permissions to access the socket. However, other accounts and groups
such as the vpn group (if capability dropping in enabled, for example)
may also have sufficient permissions, but this configuration does not
appear to be the default behavior.

Impact
=====
A local attacker with access to the VPN socket is able to crash the
service.

References
=========
https://bugs.archlinux.org/task/58719
https://www.kb.cert.org/vuls/id/338343
https://github.com/strongswan;a=commitdiff;h=0acd1ab4
https://security.archlinux.org/CVE-2018-5388

ArchLinux: 201805-26: strongswan: denial of service

May 30, 2018

Summary

strongSwan VPN's charon server prior to version 5.6.3 is missing a packet length check in stroke_socket.c, allowing a buffer overflow which may lead to resource exhaustion and denial of service while reading from the socket. According to the vendor, an attacker must typically have local root permissions to access the socket. However, other accounts and groups such as the vpn group (if capability dropping in enabled, for example) may also have sufficient permissions, but this configuration does not appear to be the default behavior.

Resolution

Upgrade to 5.6.2-2. # pacman -Syu "strongswan>=5.6.2-2"
The problem has been fixed upstream but no release is available yet.

References

https://bugs.archlinux.org/task/58719 https://www.kb.cert.org/vuls/id/338343 https://github.com/strongswan;a=commitdiff;h=0acd1ab4 https://security.archlinux.org/CVE-2018-5388

Severity
Package : strongswan
Type : denial of service
Remote : No
Link : https://security.archlinux.org/AVG-710

Workaround

None.

Related News

Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered
Open Source Strategies for Enhancing Security in Digital Business Operations
5 - 9 min read
Digital transformation, powered by the principles of open-source security , is vital for businesses looking to excel in today's technology-driven
Microsoft Update Mayhem: Rescuing Linux Dual-Boot Systems from Secure Boot Woes
2 - 4 min read
Microsoft's recent patch, intended to strengthen Secure Boot defenses, has resulted in an unexpected setback for Linux-Windows dual-boot setups

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved