strongSwan VPN's charon server prior to version 5.6.3 does not check packet length and may allow buffer underflow, resulting in denial of service.
CWE-124: Buffer Underwrite ('Buffer Underflow') - CVE-2018-5388
In stroke_socket.c, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
A remote attacker with local user credentials (possibly a normal user in the vpn group, or root) may be able to underflow the buffer and cause a denial of service.
Apply an update
SUSE Linux Affected
ASP Linux Unknown
Alpine Linux Unknown
Arch Linux Unknown
Arista Networks, Inc. Unknown
Debian GNU/Linux Unknown
Fedora Project Unknown
Gentoo Linux Unknown
Micro Focus Unknown
MontaVista Software, Inc. Unknown
Openwall GNU/*/Linux Unknown
Red Hat, Inc. Unknown
Slackware Linux Inc. Unknown
Thanks to Kevin Backhouse of Semmle Ltd. for reporting this vulnerability.
This document was written by Garret Wassermann.
|Date First Published:||2018-05-23|
|Date Last Updated:||2018-06-13 16:07 UTC|