Blog

Release and vulnerability announcements for strongSwan

strongSwan 5.9.4 Released

We are happy to announce the release of strongSwan 5.9.4, which fixes two denial-of-service vulnerabilities and comes with several other new features and fixes.

Denial-of-Service Vulnerability in the gmp Plugin (CVE-2021-41990)

A denial-of-service vulnerability in the gmp plugin was fixed that was caused by an integer overflow when processing RSASSA-PSS signatures with very large salt lengths. All strongSwan versions since 5.6.1 may be affected.

More information is provided in a separate blog entry.

Denial-of-Service Vulnerability in the In-Memory Certificate Cache (CVE-2021-41991)

A denial-of-service vulnerability in the in-memory certificate cache was fixed. If cached certificates are replaced, very large random values caused an integer overflow that could lead to a segmentation fault. All strongSwan versions since 4.2.10 may be affected.

More information is provided in a separate blog entry.

Also fixed is a related flaw that caused the daemon to accept and cache an infinite number of versions of a valid certificate by modifying the parameters in the signatureAlgorithm field of the outer X.509 Certificate structure.

Other Notable Features and Fixes

Download Complete Changelog