CVE-2022-40617

NameCVE-2022-40617
DescriptionstrongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3143-1, DSA-5249-1
Debian Bugs1021271

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
strongswan (PTS)buster5.7.2-1+deb10u2vulnerable
buster (security)5.7.2-1+deb10u3fixed
bullseye5.9.1-1+deb11u2vulnerable
bullseye (security)5.9.1-1+deb11u3fixed
bookworm, sid5.9.8-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
strongswansourcebuster5.7.2-1+deb10u3DLA-3143-1
strongswansourcebullseye5.9.1-1+deb11u3DSA-5249-1
strongswansource(unstable)5.9.8-11021271

Notes

https://www.strongswan.org/blog/2022/10/03/strongswan-vulnerability-(cve-2022-40617).html
Patch: https://download.strongswan.org/security/CVE-2022-40617/

Search for package or bug name: Reporting problems