7.5
CWE
190
Advisory Published
Updated

CVE-2021-41991: Integer Overflow

First published: Mon Oct 18 2021(Updated: )

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility.

Credit: cve@mitre.org cve@mitre.org

Affected SoftwareAffected VersionHow to fix
debian/strongswan
5.7.2-1+deb10u2
5.7.2-1+deb10u3
5.9.1-1+deb11u3
5.9.8-5
5.9.11-1
Strongswan Strongswan>=4.2.10<5.9.4
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Siemens SINEMA Remote Connect Server
Siemens Siplus Et 200sp Cp 1542sp-1 Irc Tx Rail Firmware
Siemens Siplus Et 200sp Cp 1542sp-1 Irc Tx Rail
Siemens Simatic Cp 1243-1 Firmware
Siemens Simatic Cp 1243-1
Siemens Simatic Cp 1242-7 Gprs V2 Firmware
Siemens SIMATIC CP 1242-7 GPRS V2
Siemens Simatic Net Cp 1243-8 Irc Firmware
Siemens Simatic Net Cp 1243-8 Irc
Siemens Scalance Sc632-2c Firmware
Siemens Scalance Sc632-2c
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Firmware
Siemens Siplus Et 200sp Cp 1543sp-1 Isec
Siemens Cp 1543-1 Firmware
Siemens Cp 1543-1
Siemens Simatic Net Cp 1545-1 Firmware
Siemens Simatic Net Cp 1545-1
Siemens Simatic Cp 1543sp-1 Firmware
Siemens Simatic Cp 1543sp-1
Siemens Simatic Net Cp1243-7 Lte Eu Firmware
Siemens Simatic Net Cp1243-7 Lte Eu
Siemens Simatic Cp 1243-7 Lte\/us Firmware
Siemens Simatic Cp 1243-7 Lte\/us
Siemens Simatic Cp 1542sp-1 Firmware
Siemens SIMATIC CP 1542SP-1
Siemens Scalance Sc636-2c Firmware
Siemens Scalance Sc636-2c
Siemens Simatic Cp 1542sp-1 Irc Firmware
Siemens Simatic Cp 1542sp-1 Irc
Siemens Scalance Sc642-2c Firmware
Siemens Scalance Sc642-2c
Siemens Scalance Sc646-2c Firmware<2.3
Siemens Scalance Sc646-2c
Siemens Scalance Sc622-2c Firmware
Siemens Scalance Sc622-2c
Siemens Siplus S7-1200 Cp 1243-1 Rail Firmware
Siemens Siplus S7-1200 Cp 1243-1 Rail
Siemens Siplus S7-1200 Cp 1243-1 Firmware
Siemens Siplus S7-1200 Cp 1243-1
Siemens Siplus Net Cp 1543-1 Firmware
Siemens Siplus Net Cp 1543-1
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Tx Rail Firmware
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Tx Rail
All of
Siemens Siplus Et 200sp Cp 1542sp-1 Irc Tx Rail Firmware
Siemens Siplus Et 200sp Cp 1542sp-1 Irc Tx Rail
All of
Siemens Simatic Cp 1243-1 Firmware
Siemens Simatic Cp 1243-1
All of
Siemens Simatic Cp 1242-7 Gprs V2 Firmware
Siemens SIMATIC CP 1242-7 GPRS V2
All of
Siemens Simatic Net Cp 1243-8 Irc Firmware
Siemens Simatic Net Cp 1243-8 Irc
All of
Siemens Scalance Sc632-2c Firmware
Siemens Scalance Sc632-2c
All of
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Firmware
Siemens Siplus Et 200sp Cp 1543sp-1 Isec
All of
Siemens Cp 1543-1 Firmware
Siemens Cp 1543-1
All of
Siemens Simatic Net Cp 1545-1 Firmware
Siemens Simatic Net Cp 1545-1
All of
Siemens Simatic Cp 1543sp-1 Firmware
Siemens Simatic Cp 1543sp-1
All of
Siemens Simatic Net Cp1243-7 Lte Eu Firmware
Siemens Simatic Net Cp1243-7 Lte Eu
All of
Siemens Simatic Cp 1243-7 Lte\/us Firmware
Siemens Simatic Cp 1243-7 Lte\/us
All of
Siemens Simatic Cp 1542sp-1 Firmware
Siemens SIMATIC CP 1542SP-1
All of
Siemens Scalance Sc636-2c Firmware
Siemens Scalance Sc636-2c
All of
Siemens Simatic Cp 1542sp-1 Irc Firmware
Siemens Simatic Cp 1542sp-1 Irc
All of
Siemens Scalance Sc642-2c Firmware
Siemens Scalance Sc642-2c
All of
Siemens Scalance Sc646-2c Firmware<2.3
Siemens Scalance Sc646-2c
All of
Siemens Scalance Sc622-2c Firmware
Siemens Scalance Sc622-2c
All of
Siemens Siplus S7-1200 Cp 1243-1 Rail Firmware
Siemens Siplus S7-1200 Cp 1243-1 Rail
All of
Siemens Siplus S7-1200 Cp 1243-1 Firmware
Siemens Siplus S7-1200 Cp 1243-1
All of
Siemens Siplus Net Cp 1543-1 Firmware
Siemens Siplus Net Cp 1543-1
All of
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Tx Rail Firmware
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Tx Rail

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the vulnerability ID for this issue?

    The vulnerability ID for this issue is CVE-2021-41991.

  • What is the severity level of CVE-2021-41991?

    The severity level of CVE-2021-41991 is high.

  • Which software versions are affected by CVE-2021-41991?

    Versions of strongSwan before 5.9.4 are affected by CVE-2021-41991.

  • How can I fix CVE-2021-41991?

    To fix CVE-2021-41991, upgrade to strongSwan version 5.9.4 or later.

  • Where can I find more information about CVE-2021-41991?

    You can find more information about CVE-2021-41991 in the following references: [Link 1](https://cert-portal.siemens.com/productcert/pdf/ssa-539476.pdf), [Link 2](https://github.com/strongswan/strongswan/releases/tag/5.9.4), [Link 3](https://lists.debian.org/debian-lts-announce/2021/10/msg00014.html).

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203