CVE-2018-16151

HIGH7.5EPSS 1.7%

strongswan - security update

發布日:2018/9/26修改日:2025/12/3

也稱為:ALPINE-CVE-2018-16151DEBIAN-CVE-2018-16151

描述

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwan regarding digestAlgorithm.parameters, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication.

受影響套件(4)

Alpine/strongswanfrom 0, < 5.7.0-r0
Debian/strongswanfrom 0, < 5.7.0-1
Debian/strongswanfrom 0, < 5.2.1-6+deb8u7
Debian/strongswanfrom 0, < 5.5.1-4+deb9u3

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.5	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

參考連結(2)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2018-16151
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2018-16151