Buffer Underflow in strongSwan Affects VPN Functionality
CVE-2018-5388

6.5MEDIUM

Key Information:

Vendor: Strongswan
Status: Strongswan
Vendor: CVE Published:; 31 May 2018

What is CVE-2018-5388?

In strongSwan versions prior to 5.6.3, a vulnerability exists due to a missing packet length check in the stroke_socket.c file. This oversight allows for a buffer underflow that could cause resource exhaustion and result in a denial of service while handling socket communications. It's critical for users to upgrade to a secure version to mitigate potential impacts on their VPN operations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

strongSwan 5.6.3

References

http://www.kb.cert.org/vuls/id/338343

third-party-advisory

https://security.gentoo.org/glsa/201811-16

vendor-advisory

https://git.strongswan.org/?p=strongswan.git%3Ba=commitdi...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 31, 2018
Vulnerability Reserved
Jan 12, 2018

Credit

Thanks to Kevin Backhouse for reporting this vulnerability.

JSON

Strongswan

What is CVE-2018-5388?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.