Fraudulent security certificates could allow access controls to be
bypassed.
Software Description:
- strongswan: IPsec VPN solution
Details:
Jan Schermer discovered that strongSwan incorrectly validated client
certificates in certain configurations. A remote attacker could possibly
use this issue to bypass access controls.
The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS libstrongswan 5.9.5-2ubuntu2.3 strongswan 5.9.5-2ubuntu2.3 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-6772-1
CVE-2022-4967
Get the latest Linux and open source security news straight to your inbox.