strongswan/src
Tobias Brunner 129ab919a8 gmp: Fix buffer overflow with very small RSA keys
Because `keylen` is unsigned the subtraction results in an integer
underflow if the key length is < 11 bytes.

This is only a problem when verifying signatures with a public key (for
private keys the plugin enforces a minimum modulus length) and to do so
we usually only use trusted keys.  However, the x509 plugin actually
calls issued_by() on a parsed certificate to check if it is self-signed,
which is the reason this issue was found by OSS-Fuzz in the first place.
So, unfortunately, this can be triggered by sending an invalid client
cert to a peer.

Fixes: 5955db5b12 ("gmp: Don't parse PKCS1 v1.5 RSA signatures to verify them")
Fixes: CVE-2018-17540
2018-09-26 10:10:48 +02:00
_copyright lib: Add global config namespace 2014-02-12 14:34:31 +01:00
_updown _updown: Remove printf calls for identities 2018-04-12 15:17:24 +02:00
aikgen aikgen: Fix computation of key ID of the AIK public key 2016-06-30 12:56:41 +02:00
charon Allow charon to change group on files before dropping caps 2018-06-12 10:25:30 +02:00
charon-cmd Unify format of HSR copyright statements 2018-05-23 16:32:53 +02:00
charon-nm charon-nm: Parse any type of private key in need_secrets 2018-07-09 12:21:43 +02:00
charon-svc daemon: Use separate method to set default loggers 2017-01-25 14:58:09 +01:00
charon-systemd charon-systemd: Register journal logger as custom logger 2018-06-26 15:24:42 +02:00
charon-tkm keymat_v2: Add support for PPKs 2018-09-10 18:03:01 +02:00
checksum Unify format of HSR copyright statements 2018-05-23 16:32:53 +02:00
conftest Fixed some typos, courtesy of codespell 2018-09-17 18:51:44 +02:00
frontends android: Disable capabilities in the android app 2018-09-21 11:01:26 +02:00
include kernel-netlink: Add support for setting mark/mask an SA should apply to processed traffic 2018-08-31 12:24:30 +02:00
ipsec Fixed some typos, courtesy of codespell 2018-09-17 18:51:44 +02:00
libcharon Fixed some typos, courtesy of codespell 2018-09-17 18:51:44 +02:00
libfast Fixed some typos, courtesy of codespell 2018-09-17 18:51:44 +02:00
libimcv imv-attestation: Don't use comma to separate statements 2018-09-17 18:51:43 +02:00
libipsec Unify format of HSR copyright statements 2018-05-23 16:32:53 +02:00
libpttls Fixed some typos, courtesy of codespell 2018-09-17 18:51:44 +02:00
libradius Unify format of HSR copyright statements 2018-05-23 16:32:53 +02:00
libsimaka Unify format of HSR copyright statements 2018-05-23 16:32:53 +02:00
libstrongswan gmp: Fix buffer overflow with very small RSA keys 2018-09-26 10:10:48 +02:00
libtls Fixed some typos, courtesy of codespell 2018-09-17 18:51:44 +02:00
libtnccs tnccs-20: Defer handshake retry when sending SRETRY batch 2018-08-01 15:44:49 +02:00
libtncif SWIMA attribute name changes 2017-09-26 20:35:39 +02:00
libtpmtss libtpmtss: Fixed Android.mk 2018-08-10 10:09:43 +02:00
manager manager: Restore direct return if database URI is not defined 2018-09-17 18:51:42 +02:00
medsrv Unify format of HSR copyright statements 2018-05-23 16:32:53 +02:00
pki signcrl: Remove useless assignment 2018-09-17 18:51:41 +02:00
pool Unify format of HSR copyright statements 2018-05-23 16:32:53 +02:00
pt-tls-client Unify format of HSR copyright statements 2018-05-23 16:32:53 +02:00
scepclient Unify format of HSR copyright statements 2018-05-23 16:32:53 +02:00
sec-updater sec-updater: Make sure `success` is initialized 2017-09-18 12:16:54 +02:00
starter Fixed some typos, courtesy of codespell 2018-09-17 18:51:44 +02:00
stroke Unify format of HSR copyright statements 2018-05-23 16:32:53 +02:00
sw-collector sw-collector: Proper cleanup if DB query fails in check operation 2018-05-23 20:25:50 +02:00
swanctl swanctl: Document PPKs 2018-09-18 10:12:45 +02:00
tpm_extendpcr tpm_extendpcr: Extend digests into a TPM PCR 2017-12-13 07:10:28 +01:00
Makefile.am dumm: Remove the Dynamic UML Mesh Modeler framework 2018-09-12 15:53:55 +02:00