[Debian] Critical CVE: CVE-2023-41913 strongswan: potential buffer overflow

Bug #2044204 reported by Yue Tao
Affects: StarlingX
Status: Fix Released
Importance: High
Assigned to: Peng Zhang

Bug Description

CVE-2023-41913: https://nvd.nist.gov/vuln/detail/CVE-2023-41913

None

Base Score: Critical

Reference:

libstrongswan_5.9.1-1+deb11u3_amd64.deb ===> libstrongswan_5.9.1-1+deb11u4_amd64.deb
strongswan_5.9.1-1+deb11u3_all.deb ===> strongswan_5.9.1-1+deb11u4_all.deb
strongswan-charon_5.9.1-1+deb11u3_amd64.deb ===> strongswan-charon_5.9.1-1+deb11u4_amd64.deb
strongswan-libcharon_5.9.1-1+deb11u3_amd64.deb ===> strongswan-libcharon_5.9.1-1+deb11u4_amd64.deb
strongswan-starter_5.9.1-1+deb11u3_amd64.deb ===> strongswan-starter_5.9.1-1+deb11u4_amd64.deb
https://www.debian.org/security/2023/dsa-5560
https://www.tenable.com/plugins/nessus/186027

Yue Tao (wrytao)
tags: added: stx.9.0 stx.security
removed: stx.se
summary: - [Debian] Critical CVE: CVE-2023-41913 strongswan
+ [Debian] Critical CVE: CVE-2023-41913 strongswan: potential buffer
+ overflow
Peng Zhang (pzhang2)
Changed in starlingx:
assignee: nobody → Peng Zhang (pzhang2)
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tools (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/tools/+/902307

Changed in starlingx:
status: Triaged → In Progress
OpenStack Infra (hudson-openstack) wrote : Fix merged to tools (master)

Reviewed: https://review.opendev.org/c/starlingx/tools/+/902307
Committed: https://opendev.org/starlingx/tools/commit/6a18e6e6e7f4b72f8f30ba215279dc721f77e487
Submitter: "Zuul (22348)"
Branch: master

commit 6a18e6e6e7f4b72f8f30ba215279dc721f77e487
Author: Peng Zhang <email address hidden>
Date: Thu Nov 30 22:46:59 2023 +0800

    Debian: strongswan: fix CVE-2023-41913

    Upgrade libstrongswan, strongswan, strongswan-charon,
    strongswan-libcharon, strongswan-starter from
    5.9.1-1+deb11u3 to 5.9.1-1+deb11u4 to fix CVE-2023-41913.

    The dependency strongswan-swanctl also needs to be upgraded
    from 5.9.1-1+deb11u3 to 5.9.1-1+deb11u4.

    Refer to:
    https://nvd.nist.gov/vuln/detail/CVE-2023-41913

    Test Plan:
    Pass: downloader
    Pass: build-pkgs --clean --all
    Pass: build-image
    Pass: boot

    Closes-bug: #2044204

    Change-Id: I63e9d86cdf657a0ae459afe9f04e07f2a3ee0398
    Signed-off-by: Peng Zhang <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
This report contains Public Security information  
Everyone can see this security related information.