Key Information about the strongSwan Vulnerabilities

Vulnerability Overview

Release Date: September 25, 2018
Description: Multiple security issues in strongSwan have been fixed.

Vulnerability Details

CVE-2018-10811
Issue: strongSwan improperly handles IKEv2 key derivation.
Impact: Remote attackers could exploit this issue to cause strongSwan to crash, resulting in a denial of service.

CVE-2018-16151, CVE-2018-16152
Issue: strongSwan improperly handles OIDs and certain parameter fields in the gmp plugin.
Impact: Remote attackers could exploit this issue to bypass authorization.

CVE-2018-5388
Issue: strongSwan improperly handles the stroke plugin.
Impact: Local administrators could exploit this issue to cause a denial of service or execute arbitrary code.

Update Instructions

Recommendation: Patch via standard system updates.

Specific Versions:
- 18.04 LTS (bionic):
  - libstrongswan: 5.6.2-1ubuntu2.2
  - strongswan: 5.6.2-1ubuntu2.2
- 16.04 LTS (xenial):
  - libstrongswan: 5.3.5-1ubuntu3.7
  - strongswan: 5.3.5-1ubuntu3.7
- 14.04 LTS (trusty):
  - libstrongswan: 5.1.2-0ubuntu2.10
  - strongswan: 5.1.2-0ubuntu2.10