Debian 10 DLA-3663-1 Critical: StrongSwan Buffer Overflow Remote Code Exec

debian lts

November 24, 2023

It was discovered that there was a potential buffer overflow in strongswan, a IPsec-based VPN (Virtual Private Network) server

Topics Covered

security advisory buffer overflow critical remote code execution debian strongswan

Summary

A vulnerability related to processing public Diffie-Hellman key
exchange values could have resulted in a buffer overflow and
potentially remote code execution as a result.

For Debian 10 buster, this problem has been fixed in version
5.7.2-1+deb10u4.

We recommend that you upgrade your strongswan packages.

For the detailed security status of strongswan please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/strongswan

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Severity

critical

Lowest

Low

Medium

High

Critical

Package: strongswan

Version: 5.7.2-1+deb10u4

CVE ID: CVE-2023-41913

Topics Covered

security advisory buffer overflow critical remote code execution debian strongswan

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Debian 10 DLA-3663-1 Critical: StrongSwan Buffer Overflow Remote Code Exec

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Debian 10 DLA-3663-1 Critical: StrongSwan Buffer Overflow Remote Code Exec

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!