strongSwan VPN's charon server prior to version 5.6.3 does not check packet length and may allow buffer underflow, resulting in denial of service.
CWE-124: Buffer Underwrite ('Buffer Underflow') - CVE-2018-5388
In stroke_socket.c, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
A remote attacker with local user credentials (possibly a normal user in the vpn group, or root) may be able to underflow the buffer and cause a denial of service.
Apply an update
Thanks to Kevin Backhouse of Semmle Ltd. for reporting this vulnerability.
This document was written by Garret Wassermann.
|Date First Published:||2018-05-23|
|Date Last Updated:||2018-06-13 16:07 UTC|