CVE-2022-40617

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-40617
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-40617.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-40617
Downstream
Related
Published
2022-10-31T06:15:09.887Z
Modified
2026-03-13T11:31:00.565279Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data.

References

Affected packages

Git / github.com/strongswan/strongswan

Affected ranges

Type
GIT
Repo
https://github.com/strongswan/strongswan
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
e09bc70d124554f8ee892f3ee4a988ce6d2e7c90
Introduced
068b9c0b76ee8d7baa3da4dc9fe998e01fdbad20
Fixed
72a1b2e3089ca3814a7741fb162620b7215e5807
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "5.9.8"
        },
        {
            "introduced": "4.5.1"
        },
        {
            "fixed": "4.6.0"
        }
    ]
}

Affected versions

4.*
4.5.1
4.5.2
4.5.3
4.6.0
4.6.1
4.6.2
4.6.3
5.*
5.0.0
5.0.1
5.0.2
5.0.2dr4
5.0.2rc1
5.0.3
5.0.3dr1
5.0.3dr2
5.0.3dr3
5.0.3rc1
5.0.4
5.1.0
5.1.0dr1
5.1.0dr2
5.1.0rc1
5.1.1
5.1.1dr1
5.1.1dr2
5.1.1dr3
5.1.1dr4
5.1.1rc1
5.1.2
5.1.2.dr2
5.1.2dr1
5.1.2dr3
5.1.2rc1
5.1.2rc2
5.1.3
5.1.3dr1
5.1.3rc1
5.2.0
5.2.0dr1
5.2.0dr2
5.2.0dr3
5.2.0dr4
5.2.0dr5
5.2.0dr6
5.2.0rc1
5.2.1
5.2.1dr1
5.2.1rc1
5.2.2
5.2.2dr1
5.2.2rc1
5.3.0
5.3.0dr1
5.3.0rc1
5.3.1
5.3.1dr1
5.3.1rc1
5.3.2
5.3.3
5.3.3dr1
5.3.3dr3
5.3.3dr4
5.3.3dr5
5.3.3dr6
5.3.3rc2
5.3.4
5.3.4dr1
5.3.4dr2
5.3.4dr3
5.3.4rc1
5.3.5
5.4.0
5.4.0dr1
5.4.0dr2
5.4.0dr3
5.4.0dr4
5.4.0dr5
5.4.0dr6
5.4.0dr7
5.4.0dr8
5.4.0rc1
5.4.1dr1
5.4.1dr2
5.4.1dr3
5.4.1dr4
5.5.0
5.5.0dr1
5.5.0rc1
5.5.1
5.5.1dr1
5.5.1dr2
5.5.1dr3
5.5.1dr4
5.5.1dr5
5.5.1rc1
5.5.1rc2
5.5.2
5.5.2dr1
5.5.2dr2
5.5.2dr3
5.5.2dr4
5.5.2dr5
5.5.2dr6
5.5.2dr7
5.5.2rc1
5.5.3
5.5.3dr1
5.5.3dr2
5.6.0
5.6.0dr1
5.6.0dr2
5.6.0dr3
5.6.0dr4
5.6.0rc1
5.6.0rc2
5.6.1
5.6.1dr1
5.6.1dr2
5.6.1dr3
5.6.1rc1
5.6.2
5.6.2dr1
5.6.2dr2
5.6.2dr3
5.6.2dr4
5.6.2rc1
5.6.3
5.6.3dr1
5.6.3dr2
5.6.3rc1
5.7.0
5.7.0dr1
5.7.0dr2
5.7.0dr3
5.7.0dr4
5.7.0dr5
5.7.0dr6
5.7.0dr8
5.7.0rc1
5.7.0rc2
5.7.1
5.7.2
5.7.2dr1
5.7.2dr2
5.7.2dr3
5.7.2dr4
5.7.2rc1
5.8.0
5.8.0dr2
5.8.0rc1
5.8.1
5.8.1dr1
5.8.1rc2
5.8.2
5.8.2dr1
5.8.2dr2
5.8.2rc1
5.8.2rc2
5.8.3
5.8.3rc1
5.8.4
5.9.0
5.9.0dr1
5.9.0dr2
5.9.0rc1
5.9.1
5.9.1dr1
5.9.1rc1
5.9.2
5.9.2dr1
5.9.2dr2
5.9.2rc1
5.9.2rc2
5.9.3
5.9.3dr1
5.9.3dr2
5.9.3dr3
5.9.3dr4
5.9.3rc1
5.9.4
5.9.4dr1
5.9.4dr2
5.9.4dr3
5.9.4rc1
5.9.5
5.9.5dr1
5.9.5dr2
5.9.5dr3
5.9.5dr4
5.9.5rc1
5.9.6
5.9.6rc1
5.9.7
5.9.7dr1
5.9.7dr2
5.9.7rc1
5.9.8dr1
5.9.8dr2
5.9.8dr3
5.9.8dr4
5.9.8rc1
android-2.*
android-2.3.3
android-2.3.3-1

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "14.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "16.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "18.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "20.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "22.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "10.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "11.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "37"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "3.11.1"
            },
            {
                "fixed": "3.11.20"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "4.3.1"
            },
            {
                "fixed": "4.3.15"
            }
        ]
    }
]
vanir_signatures 
[
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2022-40617-104497a8",
        "target": {
            "file": "src/scepclient/scepclient.c",
            "function": "main"
        },
        "digest": {
            "length": 15429.0,
            "function_hash": "329727258632254325996888576331228235748"
        },
        "signature_version": "v1",
        "source": "https://github.com/strongswan/strongswan/commit/72a1b2e3089ca3814a7741fb162620b7215e5807"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2022-40617-c66752c8",
        "target": {
            "file": "src/scepclient/scepclient.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "318372487100592807782603248850652055128",
                "191378964250929219076766640186664879089",
                "227279917454857959696357758482079942948",
                "289397897288950579549925744982889855308",
                "330694031509858495146969201303390442159",
                "308924465538952239986027488632480257694",
                "3515372627853317527205167152503058613",
                "195676375774350054415641798506347782068",
                "282725140310445569506232913983604477491",
                "82769793694550156531495484439774477454",
                "155781169334603343811059365732274395351"
            ]
        },
        "signature_version": "v1",
        "source": "https://github.com/strongswan/strongswan/commit/72a1b2e3089ca3814a7741fb162620b7215e5807"
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-40617.json"