Vulnerability Description
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Strongswan | Strongswan | >= 5.6.1, < 5.9.4 |
| Debian | Debian Linux | 10.0 |
| Fedoraproject | Fedora | 33 |
| Siemens | 6Gk6108-4Am00-2Ba2 Firmware | - |
| Siemens | 6Gk6108-4Am00-2Ba2 | - |
| Siemens | 6Gk6108-4Am00-2Da2 Firmware | - |
| Siemens | 6Gk6108-4Am00-2Da2 | - |
| Siemens | 6Gk5804-0Ap00-2Aa2 Firmware | - |
| Siemens | 6Gk5804-0Ap00-2Aa2 | - |
| Siemens | 6Gk5812-1Aa00-2Aa2 Firmware | - |
| Siemens | 6Gk5812-1Aa00-2Aa2 | - |
| Siemens | 6Gk5812-1Ba00-2Aa2 Firmware | - |
| Siemens | 6Gk5812-1Ba00-2Aa2 | - |
| Siemens | 6Gk5816-1Aa00-2Aa2 Firmware | - |
| Siemens | 6Gk5816-1Aa00-2Aa2 | - |
| Siemens | 6Gk5816-1Ba00-2Aa2 Firmware | - |
| Siemens | 6Gk5816-1Ba00-2Aa2 | - |
| Siemens | 6Gk5826-2Ab00-2Ab2 Firmware | - |
| Siemens | 6Gk5826-2Ab00-2Ab2 | - |
| Siemens | 6Gk5874-2Aa00-2Aa2 Firmware | - |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-539476.pdfThird Party Advisory
- https://github.com/strongswan/strongswan/releases/tag/5.9.4Release NotesThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://www.debian.org/security/2021/dsa-4989Third Party Advisory
- https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-%28cve-2021-
- https://cert-portal.siemens.com/productcert/pdf/ssa-539476.pdfThird Party Advisory
- https://github.com/strongswan/strongswan/releases/tag/5.9.4Release NotesThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://www.debian.org/security/2021/dsa-4989Third Party Advisory
- https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-%28cve-2021-
FAQ
What is CVE-2021-41990?
CVE-2021-41990 is a vulnerability with a CVSS score of 7.5 (HIGH). The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certif...
How severe is CVE-2021-41990?
CVE-2021-41990 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-41990?
Check the references section above for vendor advisories and patch information. Affected products include: Strongswan Strongswan, Debian Debian Linux, Fedoraproject Fedora, Siemens 6Gk6108-4Am00-2Ba2 Firmware, Siemens 6Gk6108-4Am00-2Ba2.