CVE-2021-41990: Integer Overflow
First published: Mon Oct 18 2021(Updated: )
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/strongswan | 5.7.2-1+deb10u2 5.7.2-1+deb10u3 5.9.1-1+deb11u3 5.9.8-5 5.9.11-1 | |
| strongSwan | >=5.6.1<5.9.4 | |
| Debian Linux | =10.0 | |
| Debian Linux | =11.0 | |
| Red Hat Fedora | =33 | |
| Red Hat Fedora | =34 | |
| Red Hat Fedora | =35 | |
| All of | ||
| Siemens 6GK6108-4AM00-2BA2 | ||
| Siemens 6GK6108-4AM00-2BA2 Firmware | ||
| All of | ||
| Siemens 6GK6108-4AM00-2DA2 | ||
| Siemens 6GK6108-4AM00-2DA2 Firmware | ||
| All of | ||
| Siemens 6GK5804-0AP00-2AA2 | ||
| Siemens 6GK5804-0AP00-2AA2 Firmware | ||
| All of | ||
| Siemens 6GK5812-1AA00-2AA2 | ||
| Siemens 6GK5812-1AA00-2AA2 | ||
| All of | ||
| Siemens 6GK5812-1BA00-2AA2 | ||
| Siemens 6GK5812-1BA00-2AA2 Firmware | ||
| All of | ||
| Siemens 6GK5816-1BA00-2AA2 Firmware | ||
| Siemens 6GK5816-1BA00-2AA2 Firmware | ||
| All of | ||
| Siemens 6GK5816-1BA00-2AA2 | ||
| Siemens 6GK5816-1BA00-2AA2 Firmware | ||
| All of | ||
| Siemens 6GK5826-2AB00-2AB2 | ||
| Siemens 6GK5826-2AB00-2AB2 Firmware | ||
| All of | ||
| Siemens 6GK5874-2AA00-2AA2 | ||
| Siemens 6GK5874-2AA00-2AA2 Firmware | ||
| All of | ||
| Siemens 6GK5874-3AA00-2AA2 | ||
| Siemens 6GK5874-3AA00-2AA2 Firmware | ||
| All of | ||
| Siemens 6GK5876-3AA02-2EA2 | ||
| Siemens 6GK5876-3AA02-2BA2 Firmware | ||
| All of | ||
| Siemens 6GK5876-3AA02-2EA2 | ||
| Siemens 6GK5876-3AA02-2EA2 Firmware | ||
| All of | ||
| Siemens 6GK5876-4AA00-2BA2 | ||
| Siemens 6GK5876-4AA00-2DA2 | ||
| All of | ||
| Siemens 6GK5876 Firmware | ||
| Siemens 6GK5876-4AA00-2DA2 Firmware | ||
| All of | ||
| Siemens 6GK5856-2EA00-3DA1 | ||
| Siemens 6GK Series | ||
| All of | ||
| Siemens 6GK5856-2EA00-3DA1 Firmware | ||
| Siemens 6GK5856-2EA00-3AA1 Firmware | ||
| All of | ||
| Siemens 6GK5615-0AA00-2AA2 | ||
| Siemens 6GK5615-0AA00-2AA2 Firmware | ||
| Siemens 6GK6108-4AM00-2BA2 | ||
| Siemens 6GK6108-4AM00-2BA2 Firmware | ||
| Siemens 6GK6108-4AM00-2DA2 | ||
| Siemens 6GK6108-4AM00-2DA2 Firmware | ||
| Siemens 6GK5804-0AP00-2AA2 | ||
| Siemens 6GK5804-0AP00-2AA2 Firmware | ||
| Siemens 6GK5812-1AA00-2AA2 | ||
| Siemens 6GK5812-1AA00-2AA2 | ||
| Siemens 6GK5812-1BA00-2AA2 | ||
| Siemens 6GK5812-1BA00-2AA2 Firmware | ||
| Siemens 6GK5816-1BA00-2AA2 Firmware | ||
| Siemens 6GK5816-1BA00-2AA2 Firmware | ||
| Siemens 6GK5816-1BA00-2AA2 | ||
| Siemens 6GK5816-1BA00-2AA2 Firmware | ||
| Siemens 6GK5826-2AB00-2AB2 | ||
| Siemens 6GK5826-2AB00-2AB2 Firmware | ||
| Siemens 6GK5874-2AA00-2AA2 | ||
| Siemens 6GK5874-2AA00-2AA2 Firmware | ||
| Siemens 6GK5874-3AA00-2AA2 | ||
| Siemens 6GK5874-3AA00-2AA2 Firmware | ||
| Siemens 6GK5876-3AA02-2EA2 | ||
| Siemens 6GK5876-3AA02-2BA2 Firmware | ||
| Siemens 6GK5876-3AA02-2EA2 | ||
| Siemens 6GK5876-3AA02-2EA2 Firmware | ||
| Siemens 6GK5876-4AA00-2BA2 | ||
| Siemens 6GK5876-4AA00-2DA2 | ||
| Siemens 6GK5876 Firmware | ||
| Siemens 6GK5876-4AA00-2DA2 Firmware | ||
| Siemens 6GK5856-2EA00-3DA1 | ||
| Siemens 6GK Series | ||
| Siemens 6GK5856-2EA00-3DA1 Firmware | ||
| Siemens 6GK5856-2EA00-3AA1 Firmware | ||
| Siemens 6GK5615-0AA00-2AA2 | ||
| Siemens 6GK5615-0AA00-2AA2 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41990).html
- https://security-tracker.debian.org/tracker/CVE-2021-41990
- https://cert-portal.siemens.com/productcert/pdf/ssa-539476.pdf
- https://github.com/strongswan/strongswan/releases/tag/5.9.4
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5FJSATD2R2XHTG4P63GCMQ2N7EWKMME5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQSQ3BEC22NF4NCDZVCT4P3Q2ZIAJXGJ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3TQ32JLJOBJDB2EJKSX2PBPB5NFG2D4/
- https://www.debian.org/security/2021/dsa-4989
- https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-%28cve-2021-41990%29.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5FJSATD2R2XHTG4P63GCMQ2N7EWKMME5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQSQ3BEC22NF4NCDZVCT4P3Q2ZIAJXGJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3TQ32JLJOBJDB2EJKSX2PBPB5NFG2D4/
Frequently Asked Questions
What is CVE-2021-41990?
CVE-2021-41990 is a vulnerability in the gmp plugin in strongSwan before version 5.9.4.
How does CVE-2021-41990 work?
CVE-2021-41990 is a remote integer overflow vulnerability that can be triggered by a crafted certificate with an RSASSA-PSS signature.
What is the severity of CVE-2021-41990?
CVE-2021-41990 has a severity rating of 7.5 (high).
Is remote code execution possible with CVE-2021-41990?
No, remote code execution cannot occur with CVE-2021-41990.
How can I fix CVE-2021-41990?
You can fix CVE-2021-41990 by updating to strongSwan version 5.9.4 or later.
- collector/security-tracker-debian
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/author
- agent/event
- agent/source
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- package-manager/debian
- vendor/strongswan
- canonical/strongswan
- version/strongswan/5.6.1
- vendor/debian
- canonical/debian linux
- version/debian linux/10.0
- version/debian linux/11.0
- vendor/fedoraproject
- canonical/red hat fedora
- version/red hat fedora/33
- version/red hat fedora/34
- version/red hat fedora/35
- vendor/siemens
- canonical/siemens 6gk6108-4am00-2ba2
- canonical/siemens 6gk6108-4am00-2ba2 firmware
- canonical/siemens 6gk6108-4am00-2da2
- canonical/siemens 6gk6108-4am00-2da2 firmware
- canonical/siemens 6gk5804-0ap00-2aa2
- canonical/siemens 6gk5804-0ap00-2aa2 firmware
- canonical/siemens 6gk5812-1aa00-2aa2
- canonical/siemens 6gk5812-1ba00-2aa2
- canonical/siemens 6gk5812-1ba00-2aa2 firmware
- canonical/siemens 6gk5816-1ba00-2aa2 firmware
- canonical/siemens 6gk5816-1ba00-2aa2
- canonical/siemens 6gk5826-2ab00-2ab2
- canonical/siemens 6gk5826-2ab00-2ab2 firmware
- canonical/siemens 6gk5874-2aa00-2aa2
- canonical/siemens 6gk5874-2aa00-2aa2 firmware
- canonical/siemens 6gk5874-3aa00-2aa2
- canonical/siemens 6gk5874-3aa00-2aa2 firmware
- canonical/siemens 6gk5876-3aa02-2ea2
- canonical/siemens 6gk5876-3aa02-2ba2 firmware
- canonical/siemens 6gk5876-3aa02-2ea2 firmware
- canonical/siemens 6gk5876-4aa00-2ba2
- canonical/siemens 6gk5876-4aa00-2da2
- canonical/siemens 6gk5876 firmware
- canonical/siemens 6gk5876-4aa00-2da2 firmware
- canonical/siemens 6gk5856-2ea00-3da1
- canonical/siemens 6gk series
- canonical/siemens 6gk5856-2ea00-3da1 firmware
- canonical/siemens 6gk5856-2ea00-3aa1 firmware
- canonical/siemens 6gk5615-0aa00-2aa2
- canonical/siemens 6gk5615-0aa00-2aa2 firmware