CVE-2018-5388 in Ubuntu

CVE-2018-5388

Priority

Description

In stroke_socket.c in strongSwan before 5.6.3, a missing packet length
check could allow a buffer underflow, which may lead to resource exhaustion
and denial of service while reading from the socket.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5388
https://www.kb.cert.org/vuls/id/338343
https://www.strongswan.org/blog/2018/05/28/strongswan-vulnerability-(cve-2018-5388).html
https://ubuntu.com/security/notices/USN-3771-1

Notes

mdeslaur

root needed to access socket, only DoS

Package

Source: strongswan (LP Ubuntu Debian)

Upstream:	released (5.6.3)
Ubuntu 18.04 LTS:	released (5.6.2-1ubuntu2.2)
Ubuntu 16.04 ESM:	released (5.3.5-1ubuntu3.7)
Ubuntu 14.04 ESM:	released (5.1.2-0ubuntu2.10)

Patches:

Upstream:

https://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=0acd1ab4

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-04-13 13:33:22 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)