Lahav Schlesinger discovered a vulnerability in the revocation plugin of strongSwan, an IKE/IPsec suite. The revocation plugin uses OCSP URIs and CRL distribution points (CDP) which come from certificates provided by the remote endpoint. The plugin didn't check for the certificate chain of trust before using those URIs, so an attacker could provided a crafted certificate containing URIs pointing to servers under their control, potentially leading to denial-of-service attacks. For the stable distribution (bullseye), this problem has been fixed in version 5.9.1-1+deb11u3. We recommend that you upgrade your strongswan packages. For the detailed security status of strongswan please refer to its security tracker page at: https://security-tracker.debian.org/tracker/strongswan
Lahav Schlesinger discovered a vulnerability in the revocation plugin of strongSwan, an IKE/IPsec suite.
The revocation plugin uses OCSP URIs and CRL distribution points (CDP) which come from certificates provided by the remote endpoint. The plugin didn't check for the certificate chain of trust before using those URIs, so an attacker could provided a crafted certificate containing URIs pointing to servers under their control, potentially leading to denial-of-service attacks.
For the stable distribution (bullseye), this problem has been fixed in version 5.9.1-1+deb11u3.
We recommend that you upgrade your strongswan packages.
For the detailed security status of strongswan please refer to its security tracker page at: https://security-tracker.debian.org/tracker/strongswan