CVE-2021-41990

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-41990

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41990.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-41990

Related

Published

2021-10-18T14:15:10Z

Modified

2024-12-05T15:29:30.352573Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur.

References

Affected packages

Alpine:v3.12 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.8.4-r3

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

Alpine:v3.13 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r1

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

Alpine:v3.14 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r2

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

Alpine:v3.15 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r3

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

Alpine:v3.16 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r3

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

Alpine:v3.17 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r3

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r0

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

Alpine:v3.18 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r3

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r0

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

Alpine:v3.19 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r3

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r0

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

Alpine:v3.20 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r3

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r0

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

Alpine:v3.21 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r3

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r0

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

Debian:11 / strongswan

Package

Name: strongswan
Purl: pkg:deb/debian/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-1+deb11u1

Affected versions

5.*

5.9.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / strongswan

Package

Name: strongswan
Purl: pkg:deb/debian/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / strongswan

Package

Name: strongswan
Purl: pkg:deb/debian/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/strongswan/strongswan

Affected ranges

Type: GIT
Repo: https://github.com/strongswan/strongswan
Events: Introduced

203a86ecb88ecff2a338196401cbf55244ed6158

Fixed

66fa7c959a53cff27c83e7f10331ad24cfdfb0a4

Affected versions

5.*

5.6.1

5.6.2

5.6.2dr1

5.6.2dr2

5.6.2dr3

5.6.2dr4

5.6.2rc1

5.6.3

5.6.3dr1

5.6.3dr2

5.6.3rc1

5.7.0

5.7.0dr1

5.7.0dr2

5.7.0dr3

5.7.0dr4

5.7.0dr5

5.7.0dr6

5.7.0dr8

5.7.0rc1

5.7.0rc2

5.7.1

5.7.2

5.7.2dr1

5.7.2dr2

5.7.2dr3

5.7.2dr4

5.7.2rc1

5.8.0

5.8.0dr2

5.8.0rc1

5.8.1

5.8.1dr1

5.8.1rc2

5.8.2

5.8.2dr1

5.8.2dr2

5.8.2rc1

5.8.2rc2

5.8.3

5.8.3rc1

5.8.4

5.9.0

5.9.0dr1

5.9.0dr2

5.9.0rc1

5.9.1

5.9.1dr1

5.9.1rc1

5.9.2

5.9.2dr1

5.9.2dr2

5.9.2rc1

5.9.2rc2

5.9.3

5.9.3dr1

5.9.3dr2

5.9.3dr3

5.9.3dr4

5.9.3rc1

5.9.4dr1

5.9.4dr2

5.9.4dr3

5.9.4rc1

android-2.*

android-2.3.3

android-2.3.3-1