CVE-2021-41991

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-41991
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41991.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-41991
Related
Published
2021-10-18T14:15:10Z
Modified
2024-12-05T15:29:44.791317Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility.

References

Affected packages

Alpine:v3.12 / strongswan

Package

Name
strongswan
Purl
pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.8.4-r3

Affected versions

4.*

4.5.2-r0
4.6.1-r0

5.*

5.1.1-r0
5.1.1-r1
5.1.1-r2
5.1.1-r3
5.1.3-r0
5.2.0-r0
5.2.0-r1
5.2.0-r2
5.2.2-r0
5.3.0-r0
5.3.0-r1
5.3.0-r2
5.3.1-r1
5.3.1-r2
5.3.2-r0
5.3.2-r1
5.3.2-r2
5.3.2-r3
5.3.2-r4
5.3.2-r5
5.3.2-r6
5.3.2-r7
5.3.2-r8
5.3.2-r9
5.3.2-r10
5.3.3-r0
5.3.4-r0
5.3.5-r0
5.3.5-r1
5.3.5-r2
5.4.0-r0
5.4.0-r1
5.5.0-r0
5.5.0-r1
5.5.1-r0
5.5.1-r1
5.5.2-r0
5.5.2-r1
5.5.3-r0
5.5.3-r1
5.6.0-r0
5.6.0-r1
5.6.1-r0
5.6.2-r0
5.6.2-r1
5.6.3-r0
5.6.3-r1
5.6.3-r2
5.7.0-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.2-r0
5.7.2-r1
5.8.0-r0
5.8.0-r1
5.8.1-r0
5.8.1-r1
5.8.2-r0
5.8.3-r0
5.8.4-r0
5.8.4-r1
5.8.4-r2

Alpine:v3.13 / strongswan

Package

Name
strongswan
Purl
pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.1-r1

Affected versions

4.*

4.5.2-r0
4.6.1-r0

5.*

5.1.1-r0
5.1.1-r1
5.1.1-r2
5.1.1-r3
5.1.3-r0
5.2.0-r0
5.2.0-r1
5.2.0-r2
5.2.2-r0
5.3.0-r0
5.3.0-r1
5.3.0-r2
5.3.1-r1
5.3.1-r2
5.3.2-r0
5.3.2-r1
5.3.2-r2
5.3.2-r3
5.3.2-r4
5.3.2-r5
5.3.2-r6
5.3.2-r7
5.3.2-r8
5.3.2-r9
5.3.2-r10
5.3.3-r0
5.3.4-r0
5.3.5-r0
5.3.5-r1
5.3.5-r2
5.4.0-r0
5.4.0-r1
5.5.0-r0
5.5.0-r1
5.5.1-r0
5.5.1-r1
5.5.2-r0
5.5.2-r1
5.5.3-r0
5.5.3-r1
5.6.0-r0
5.6.0-r1
5.6.1-r0
5.6.2-r0
5.6.2-r1
5.6.3-r0
5.6.3-r1
5.6.3-r2
5.7.0-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.2-r0
5.7.2-r1
5.8.0-r0
5.8.0-r1
5.8.1-r0
5.8.1-r1
5.8.2-r0
5.8.3-r0
5.8.4-r0
5.8.4-r1
5.8.4-r2
5.9.0-r0
5.9.0-r1
5.9.1-r0

Alpine:v3.14 / strongswan

Package

Name
strongswan
Purl
pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.1-r2

Affected versions

4.*

4.5.2-r0
4.6.1-r0

5.*

5.1.1-r0
5.1.1-r1
5.1.1-r2
5.1.1-r3
5.1.3-r0
5.2.0-r0
5.2.0-r1
5.2.0-r2
5.2.2-r0
5.3.0-r0
5.3.0-r1
5.3.0-r2
5.3.1-r1
5.3.1-r2
5.3.2-r0
5.3.2-r1
5.3.2-r2
5.3.2-r3
5.3.2-r4
5.3.2-r5
5.3.2-r6
5.3.2-r7
5.3.2-r8
5.3.2-r9
5.3.2-r10
5.3.3-r0
5.3.4-r0
5.3.5-r0
5.3.5-r1
5.3.5-r2
5.4.0-r0
5.4.0-r1
5.5.0-r0
5.5.0-r1
5.5.1-r0
5.5.1-r1
5.5.2-r0
5.5.2-r1
5.5.3-r0
5.5.3-r1
5.6.0-r0
5.6.0-r1
5.6.1-r0
5.6.2-r0
5.6.2-r1
5.6.3-r0
5.6.3-r1
5.6.3-r2
5.7.0-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.2-r0
5.7.2-r1
5.8.0-r0
5.8.0-r1
5.8.1-r0
5.8.1-r1
5.8.2-r0
5.8.3-r0
5.8.4-r0
5.8.4-r1
5.8.4-r2
5.9.0-r0
5.9.0-r1
5.9.1-r0
5.9.1-r1

Alpine:v3.15 / strongswan

Package

Name
strongswan
Purl
pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.1-r3

Affected versions

4.*

4.5.2-r0
4.6.1-r0

5.*

5.1.1-r0
5.1.1-r1
5.1.1-r2
5.1.1-r3
5.1.3-r0
5.2.0-r0
5.2.0-r1
5.2.0-r2
5.2.2-r0
5.3.0-r0
5.3.0-r1
5.3.0-r2
5.3.1-r1
5.3.1-r2
5.3.2-r0
5.3.2-r1
5.3.2-r2
5.3.2-r3
5.3.2-r4
5.3.2-r5
5.3.2-r6
5.3.2-r7
5.3.2-r8
5.3.2-r9
5.3.2-r10
5.3.3-r0
5.3.4-r0
5.3.5-r0
5.3.5-r1
5.3.5-r2
5.4.0-r0
5.4.0-r1
5.5.0-r0
5.5.0-r1
5.5.1-r0
5.5.1-r1
5.5.2-r0
5.5.2-r1
5.5.3-r0
5.5.3-r1
5.6.0-r0
5.6.0-r1
5.6.1-r0
5.6.2-r0
5.6.2-r1
5.6.3-r0
5.6.3-r1
5.6.3-r2
5.7.0-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.2-r0
5.7.2-r1
5.8.0-r0
5.8.0-r1
5.8.1-r0
5.8.1-r1
5.8.2-r0
5.8.3-r0
5.8.4-r0
5.8.4-r1
5.8.4-r2
5.9.0-r0
5.9.0-r1
5.9.1-r0
5.9.1-r1
5.9.1-r2

Alpine:v3.16 / strongswan

Package

Name
strongswan
Purl
pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.1-r3

Affected versions

4.*

4.5.2-r0
4.6.1-r0

5.*

5.1.1-r0
5.1.1-r1
5.1.1-r2
5.1.1-r3
5.1.3-r0
5.2.0-r0
5.2.0-r1
5.2.0-r2
5.2.2-r0
5.3.0-r0
5.3.0-r1
5.3.0-r2
5.3.1-r1
5.3.1-r2
5.3.2-r0
5.3.2-r1
5.3.2-r2
5.3.2-r3
5.3.2-r4
5.3.2-r5
5.3.2-r6
5.3.2-r7
5.3.2-r8
5.3.2-r9
5.3.2-r10
5.3.3-r0
5.3.4-r0
5.3.5-r0
5.3.5-r1
5.3.5-r2
5.4.0-r0
5.4.0-r1
5.5.0-r0
5.5.0-r1
5.5.1-r0
5.5.1-r1
5.5.2-r0
5.5.2-r1
5.5.3-r0
5.5.3-r1
5.6.0-r0
5.6.0-r1
5.6.1-r0
5.6.2-r0
5.6.2-r1
5.6.3-r0
5.6.3-r1
5.6.3-r2
5.7.0-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.2-r0
5.7.2-r1
5.8.0-r0
5.8.0-r1
5.8.1-r0
5.8.1-r1
5.8.2-r0
5.8.3-r0
5.8.4-r0
5.8.4-r1
5.8.4-r2
5.9.0-r0
5.9.0-r1
5.9.1-r0
5.9.1-r1
5.9.1-r2

Alpine:v3.17 / strongswan

Package

Name
strongswan
Purl
pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.1-r3

Affected versions

4.*

4.5.2-r0
4.6.1-r0

5.*

5.1.1-r0
5.1.1-r1
5.1.1-r2
5.1.1-r3
5.1.3-r0
5.2.0-r0
5.2.0-r1
5.2.0-r2
5.2.2-r0
5.3.0-r0
5.3.0-r1
5.3.0-r2
5.3.1-r0
5.3.1-r1
5.3.1-r2
5.3.2-r0
5.3.2-r1
5.3.2-r2
5.3.2-r3
5.3.2-r4
5.3.2-r5
5.3.2-r6
5.3.2-r7
5.3.2-r8
5.3.2-r9
5.3.2-r10
5.3.3-r0
5.3.4-r0
5.3.5-r0
5.3.5-r1
5.3.5-r2
5.4.0-r0
5.4.0-r1
5.5.0-r0
5.5.0-r1
5.5.1-r0
5.5.1-r1
5.5.2-r0
5.5.2-r1
5.5.3-r0
5.5.3-r1
5.6.0-r0
5.6.0-r1
5.6.1-r0
5.6.2-r0
5.6.2-r1
5.6.3-r0
5.6.3-r1
5.6.3-r2
5.7.0-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.2-r0
5.7.2-r1
5.8.0-r0
5.8.0-r1
5.8.1-r0
5.8.1-r1
5.8.2-r0
5.8.3-r0
5.8.4-r0
5.8.4-r1
5.8.4-r2
5.9.0-r0
5.9.0-r1
5.9.1-r0
5.9.1-r1
5.9.1-r2

Alpine:v3.18 / strongswan

Package

Name
strongswan
Purl
pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.1-r3

Affected versions

4.*

4.5.2-r0
4.6.1-r0

5.*

5.1.1-r0
5.1.1-r1
5.1.1-r2
5.1.1-r3
5.1.3-r0
5.2.0-r0
5.2.0-r1
5.2.0-r2
5.2.2-r0
5.3.0-r0
5.3.0-r1
5.3.0-r2
5.3.1-r0
5.3.1-r1
5.3.1-r2
5.3.2-r0
5.3.2-r1
5.3.2-r2
5.3.2-r3
5.3.2-r4
5.3.2-r5
5.3.2-r6
5.3.2-r7
5.3.2-r8
5.3.2-r9
5.3.2-r10
5.3.3-r0
5.3.4-r0
5.3.5-r0
5.3.5-r1
5.3.5-r2
5.4.0-r0
5.4.0-r1
5.5.0-r0
5.5.0-r1
5.5.1-r0
5.5.1-r1
5.5.2-r0
5.5.2-r1
5.5.3-r0
5.5.3-r1
5.6.0-r0
5.6.0-r1
5.6.1-r0
5.6.2-r0
5.6.2-r1
5.6.3-r0
5.6.3-r1
5.6.3-r2
5.7.0-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.2-r0
5.7.2-r1
5.8.0-r0
5.8.0-r1
5.8.1-r0
5.8.1-r1
5.8.2-r0
5.8.3-r0
5.8.4-r0
5.8.4-r1
5.8.4-r2
5.9.0-r0
5.9.0-r1
5.9.1-r0
5.9.1-r1
5.9.1-r2

Alpine:v3.19 / strongswan

Package

Name
strongswan
Purl
pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.1-r3

Affected versions

4.*

4.5.2-r0
4.6.1-r0

5.*

5.1.1-r0
5.1.1-r1
5.1.1-r2
5.1.1-r3
5.1.3-r0
5.2.0-r0
5.2.0-r1
5.2.0-r2
5.2.2-r0
5.3.0-r0
5.3.0-r1
5.3.0-r2
5.3.1-r0
5.3.1-r1
5.3.1-r2
5.3.2-r0
5.3.2-r1
5.3.2-r2
5.3.2-r3
5.3.2-r4
5.3.2-r5
5.3.2-r6
5.3.2-r7
5.3.2-r8
5.3.2-r9
5.3.2-r10
5.3.3-r0
5.3.4-r0
5.3.5-r0
5.3.5-r1
5.3.5-r2
5.4.0-r0
5.4.0-r1
5.5.0-r0
5.5.0-r1
5.5.1-r0
5.5.1-r1
5.5.2-r0
5.5.2-r1
5.5.3-r0
5.5.3-r1
5.6.0-r0
5.6.0-r1
5.6.1-r0
5.6.2-r0
5.6.2-r1
5.6.3-r0
5.6.3-r1
5.6.3-r2
5.7.0-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.2-r0
5.7.2-r1
5.8.0-r0
5.8.0-r1
5.8.1-r0
5.8.1-r1
5.8.2-r0
5.8.3-r0
5.8.4-r0
5.8.4-r1
5.8.4-r2
5.9.0-r0
5.9.0-r1
5.9.1-r0
5.9.1-r1
5.9.1-r2

Alpine:v3.20 / strongswan

Package

Name
strongswan
Purl
pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.1-r3

Affected versions

4.*

4.5.2-r0
4.6.1-r0

5.*

5.1.1-r0
5.1.1-r1
5.1.1-r2
5.1.1-r3
5.1.3-r0
5.2.0-r0
5.2.0-r1
5.2.0-r2
5.2.2-r0
5.3.0-r0
5.3.0-r1
5.3.0-r2
5.3.1-r0
5.3.1-r1
5.3.1-r2
5.3.2-r0
5.3.2-r1
5.3.2-r2
5.3.2-r3
5.3.2-r4
5.3.2-r5
5.3.2-r6
5.3.2-r7
5.3.2-r8
5.3.2-r9
5.3.2-r10
5.3.3-r0
5.3.4-r0
5.3.5-r0
5.3.5-r1
5.3.5-r2
5.4.0-r0
5.4.0-r1
5.5.0-r0
5.5.0-r1
5.5.1-r0
5.5.1-r1
5.5.2-r0
5.5.2-r1
5.5.3-r0
5.5.3-r1
5.6.0-r0
5.6.0-r1
5.6.1-r0
5.6.2-r0
5.6.2-r1
5.6.3-r0
5.6.3-r1
5.6.3-r2
5.7.0-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.2-r0
5.7.2-r1
5.8.0-r0
5.8.0-r1
5.8.1-r0
5.8.1-r1
5.8.2-r0
5.8.3-r0
5.8.4-r0
5.8.4-r1
5.8.4-r2
5.9.0-r0
5.9.0-r1
5.9.1-r0
5.9.1-r1
5.9.1-r2

Alpine:v3.21 / strongswan

Package

Name
strongswan
Purl
pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.1-r3

Affected versions

4.*

4.5.2-r0
4.6.1-r0

5.*

5.1.1-r0
5.1.1-r1
5.1.1-r2
5.1.1-r3
5.1.3-r0
5.2.0-r0
5.2.0-r1
5.2.0-r2
5.2.2-r0
5.3.0-r0
5.3.0-r1
5.3.0-r2
5.3.1-r0
5.3.1-r1
5.3.1-r2
5.3.2-r0
5.3.2-r1
5.3.2-r2
5.3.2-r3
5.3.2-r4
5.3.2-r5
5.3.2-r6
5.3.2-r7
5.3.2-r8
5.3.2-r9
5.3.2-r10
5.3.3-r0
5.3.4-r0
5.3.5-r0
5.3.5-r1
5.3.5-r2
5.4.0-r0
5.4.0-r1
5.5.0-r0
5.5.0-r1
5.5.1-r0
5.5.1-r1
5.5.2-r0
5.5.2-r1
5.5.3-r0
5.5.3-r1
5.6.0-r0
5.6.0-r1
5.6.1-r0
5.6.2-r0
5.6.2-r1
5.6.3-r0
5.6.3-r1
5.6.3-r2
5.7.0-r0
5.7.1-r0
5.7.1-r1
5.7.1-r2
5.7.2-r0
5.7.2-r1
5.8.0-r0
5.8.0-r1
5.8.1-r0
5.8.1-r1
5.8.2-r0
5.8.3-r0
5.8.4-r0
5.8.4-r1
5.8.4-r2
5.9.0-r0
5.9.0-r1
5.9.1-r0
5.9.1-r1
5.9.1-r2

Debian:11 / strongswan

Package

Name
strongswan
Purl
pkg:deb/debian/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.1-1+deb11u1

Affected versions

5.*

5.9.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / strongswan

Package

Name
strongswan
Purl
pkg:deb/debian/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / strongswan

Package

Name
strongswan
Purl
pkg:deb/debian/strongswan?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/strongswan/strongswan

Affected ranges

Type
GIT
Repo
https://github.com/strongswan/strongswan
Events

Affected versions

4.*

4.2.10
4.2.11
4.2.12
4.2.13
4.2.14
4.3.0
4.3.1
4.3.2
4.3.3
4.3.4
4.3.5
4.3.5rc1
4.3.6
4.4.0
4.4.1
4.5.0
4.5.1
4.5.2
4.5.3
4.6.0
4.6.1
4.6.2
4.6.3

5.*

5.0.0
5.0.1
5.0.2
5.0.2dr4
5.0.2rc1
5.0.3
5.0.3dr1
5.0.3dr2
5.0.3dr3
5.0.3rc1
5.0.4
5.1.0
5.1.0dr1
5.1.0dr2
5.1.0rc1
5.1.1
5.1.1dr1
5.1.1dr2
5.1.1dr3
5.1.1dr4
5.1.1rc1
5.1.2
5.1.2.dr2
5.1.2dr1
5.1.2dr3
5.1.2rc1
5.1.2rc2
5.1.3
5.1.3dr1
5.1.3rc1
5.2.0
5.2.0dr1
5.2.0dr2
5.2.0dr3
5.2.0dr4
5.2.0dr5
5.2.0dr6
5.2.0rc1
5.2.1
5.2.1dr1
5.2.1rc1
5.2.2
5.2.2dr1
5.2.2rc1
5.3.0
5.3.0dr1
5.3.0rc1
5.3.1
5.3.1dr1
5.3.1rc1
5.3.2
5.3.3
5.3.3dr1
5.3.3dr3
5.3.3dr4
5.3.3dr5
5.3.3dr6
5.3.3rc2
5.3.4
5.3.4dr1
5.3.4dr2
5.3.4dr3
5.3.4rc1
5.3.5
5.4.0
5.4.0dr1
5.4.0dr2
5.4.0dr3
5.4.0dr4
5.4.0dr5
5.4.0dr6
5.4.0dr7
5.4.0dr8
5.4.0rc1
5.4.1dr1
5.4.1dr2
5.4.1dr3
5.4.1dr4
5.5.0
5.5.0dr1
5.5.0rc1
5.5.1
5.5.1dr1
5.5.1dr2
5.5.1dr3
5.5.1dr4
5.5.1dr5
5.5.1rc1
5.5.1rc2
5.5.2
5.5.2dr1
5.5.2dr2
5.5.2dr3
5.5.2dr4
5.5.2dr5
5.5.2dr6
5.5.2dr7
5.5.2rc1
5.5.3
5.5.3dr1
5.5.3dr2
5.6.0
5.6.0dr1
5.6.0dr2
5.6.0dr3
5.6.0dr4
5.6.0rc1
5.6.0rc2
5.6.1
5.6.1dr1
5.6.1dr2
5.6.1dr3
5.6.1rc1
5.6.2
5.6.2dr1
5.6.2dr2
5.6.2dr3
5.6.2dr4
5.6.2rc1
5.6.3
5.6.3dr1
5.6.3dr2
5.6.3rc1
5.7.0
5.7.0dr1
5.7.0dr2
5.7.0dr3
5.7.0dr4
5.7.0dr5
5.7.0dr6
5.7.0dr8
5.7.0rc1
5.7.0rc2
5.7.1
5.7.2
5.7.2dr1
5.7.2dr2
5.7.2dr3
5.7.2dr4
5.7.2rc1
5.8.0
5.8.0dr2
5.8.0rc1
5.8.1
5.8.1dr1
5.8.1rc2
5.8.2
5.8.2dr1
5.8.2dr2
5.8.2rc1
5.8.2rc2
5.8.3
5.8.3rc1
5.8.4
5.9.0
5.9.0dr1
5.9.0dr2
5.9.0rc1
5.9.1
5.9.1dr1
5.9.1rc1
5.9.2
5.9.2dr1
5.9.2dr2
5.9.2rc1
5.9.2rc2
5.9.3
5.9.3dr1
5.9.3dr2
5.9.3dr3
5.9.3dr4
5.9.3rc1
5.9.4dr1
5.9.4dr2
5.9.4dr3
5.9.4rc1

android-2.*

android-2.3.3
android-2.3.3-1