USN-3301-1: strongSwan vulnerabilities

30 May 2017

strongSwan could be made to crash or hang if it received specially crafted network traffic.

Releases

Packages

Details

It was discovered that the strongSwan gmp plugin incorrectly validated RSA
public keys. A remote attacker could use this issue to cause strongSwan to
crash, resulting in a denial of service. (CVE-2017-9022)

It was discovered that strongSwan incorrectly parsed ASN.1 CHOICE types. A
remote attacker could use this issue to cause strongSwan to hang, resulting
in a denial of service. (CVE-2017-9023)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 17.04
Ubuntu 16.10
Ubuntu 16.04
Ubuntu 14.04

In general, a standard system update will make all the necessary changes.