USN-6488-2

See a problem?
Source
https://ubuntu.com/security/notices/USN-6488-2
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-6488-2.json
JSON Data
https://api.osv.dev/v1/vulns/USN-6488-2
Related
Published
2023-12-14T21:21:52.379748Z
Modified
2023-12-14T21:21:52.379748Z
Summary
strongswan vulnerability
Details

USN-6488-1 fixed a vulnerability in strongSwan. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Original advisory details:

Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code.

References

Affected packages

Ubuntu:Pro:18.04:LTS / strongswan

Package

Name
strongswan

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.6.2-1ubuntu2.9+esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "charon-systemd": "5.6.2-1ubuntu2.9+esm1",
            "strongswan-nm": "5.6.2-1ubuntu2.9+esm1",
            "strongswan-tnc-ifmap": "5.6.2-1ubuntu2.9+esm1",
            "strongswan-tnc-client": "5.6.2-1ubuntu2.9+esm1",
            "strongswan-libcharon": "5.6.2-1ubuntu2.9+esm1",
            "strongswan-tnc-base": "5.6.2-1ubuntu2.9+esm1",
            "strongswan-scepclient": "5.6.2-1ubuntu2.9+esm1",
            "strongswan-tnc-pdp": "5.6.2-1ubuntu2.9+esm1",
            "strongswan-tnc-server": "5.6.2-1ubuntu2.9+esm1",
            "libcharon-extra-plugins": "5.6.2-1ubuntu2.9+esm1",
            "charon-cmd": "5.6.2-1ubuntu2.9+esm1",
            "strongswan-charon": "5.6.2-1ubuntu2.9+esm1",
            "libcharon-standard-plugins": "5.6.2-1ubuntu2.9+esm1",
            "libstrongswan": "5.6.2-1ubuntu2.9+esm1",
            "strongswan": "5.6.2-1ubuntu2.9+esm1",
            "libstrongswan-standard-plugins": "5.6.2-1ubuntu2.9+esm1",
            "strongswan-starter": "5.6.2-1ubuntu2.9+esm1",
            "strongswan-pki": "5.6.2-1ubuntu2.9+esm1",
            "libstrongswan-extra-plugins": "5.6.2-1ubuntu2.9+esm1",
            "strongswan-swanctl": "5.6.2-1ubuntu2.9+esm1"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / strongswan

Package

Name
strongswan

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.5-1ubuntu3.8+esm4

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "strongswan-plugin-attr-sql": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-radattr": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-simaka-sql": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-sim-file": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-systime-fix": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-led": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-tnc-server": "5.3.5-1ubuntu3.8+esm4",
            "libcharon-extra-plugins": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-simaka-pseudonym": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-charon": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-tls": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-sim": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-coupling": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-xauth-noauth": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-ikev1": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-sshkey": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-aka": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-unity": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-tnc-client": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-mysql": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-dynamic": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-ttls": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-gcrypt": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-libcharon": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-tnc-base": "5.3.5-1ubuntu3.8+esm4",
            "libstrongswan": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-ldap": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-tnc-pdp": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-sqlite": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-simaka-reauth": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-xauth-generic": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-md5": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-duplicheck": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-af-alg": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-error-notify": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-starter": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-radius": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-tnc": "5.3.5-1ubuntu3.8+esm4",
            "libstrongswan-extra-plugins": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-fips-prf": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-nm": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-load-tester": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-certexpire": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-kernel-libipsec": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-gtc": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-dhcp": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-soup": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-ipseckey": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-xauth-pam": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-farp": "5.3.5-1ubuntu3.8+esm4",
            "charon-cmd": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-ikev2": "5.3.5-1ubuntu3.8+esm4",
            "strongswan": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-whitelist": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-agent": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-ntru": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-pkcs11": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-ike": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-gmp": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-openssl": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-dnskey": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-peap": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-sim-pcsc": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-tnc-ifmap": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-pgp": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-xauth-eap": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-aka-3gpp2": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-eap-mschapv2": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-sql": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-pubkey": "5.3.5-1ubuntu3.8+esm4",
            "libstrongswan-standard-plugins": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-dnscert": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-lookip": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-curl": "5.3.5-1ubuntu3.8+esm4",
            "strongswan-plugin-unbound": "5.3.5-1ubuntu3.8+esm4"
        }
    ]
}