Actions
Bug #8746
closed
StrongSwan 4.4.0 -> 5.6.2 buffer underflow leading to denial of service - CVE-2018-5388
Start date:
08/03/2018
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.3_1
Affected Architecture:
All
Description
StrongSwan 5.6.3 was been released on May 31, 2018 to address this issue.
My reading of this issue is it can be exploited "only" via local users, hence the "Normal" priority.
Sources:
https://nvd.nist.gov/vuln/detail/CVE-2018-5388
https://www.strongswan.org/blog/2018/05/28/strongswan-vulnerability-(cve-2018-5388).html
Updated by Jim Pingle over 6 years ago
- Status changed from New to Resolved
- Target version set to 2.4.4
strongSwan 5.6.3 is already in 2.4.4 snapshots.
Actions