Bug 1216901 (CVE-2023-41913)

Summary: VUL-0: CVE-2023-41913: strongswan: A bug in charon-tkm related to handling DH public values that can lead to remote code execution
Product: [Novell Products] SUSE Security Incidents
Reporter: Stoyan Manolov <stoyan.manolov>
Component: Incidents
Assignee: Security Team bot <security-team>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P3 - Medium
CC: jcheung, meissner, mohd.saquib, mt, ncutler
Version: unspecified
Flags: ncutler: needinfo?
Target Milestone: ---
Hardware: Other
OS: Other
URL: https://smash.suse.de/issue/384174/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-41913:7.0:(AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L)
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Comment 6 Marcus Meissner 2023-11-08 08:09:10 UTC
CRD: 2024-11-20
Comment 13 Marcus Meissner 2023-11-21 11:47:09 UTC
is public

https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-(cve-2023-41913).html


strongSwan Vulnerability (CVE-2023-41913)

Nov 20, 2023

A vulnerability in charon-tkm related to processing DH public values was discovered in strongSwan that can result in a buffer overflow and potentially remote code execution. All versions since 5.3.0 are affected.
Tags: security fix, 5.9.x, 5.8.x, 5.7.x, 5.6.x, 5.5.x, 5.4.x, 5.3.x

Florian Picca reported a bug in charon-tkm (the TKM-backed version of the charon IKE daemon) related to handling DH public values that can lead to remote code execution.

Buffer Overflow When Handling DH Public Values

The TKM-backed version of the charon IKE daemon (charon-tkm) doesn't check the length of received Diffie-Hellman public values before copying them to a fixed-size buffer on the stack, causing a buffer overflow (CWE-121) that could potentially be exploited for remote code execution by sending a specially crafted and unauthenticated IKE_SA_INIT message. Affected are all strongSwan versions since 5.3.0.

CVE-2023-41913 has been assigned for this vulnerability.

Missing Length Check for DH Public Values in charon-tkm

Before 5.3.0, the length of Diffie-Hellman public values of known DH groups was directly verified by the code that handles KE payloads. This was changed with 0356089d0f94 ("diffie-hellman: Verify public DH values in backends") and 41fc94c92454 ("encoding: Remove DH public value verification from KE payload"), both released with 5.3.0. They made DH implementations responsible for verifying the public values themselves in their implementation of diffie_hellman_t::set_other_public_value() (or key_exchange_t::set_public_key() in newer releases). A helper function was added to simplify this for known DH groups.

Unfortunately, the implementation of that method in charon-tkm, which acts as proxy for DH operation between the IKE daemon and the Trusted Key Manager (TKM), was forgotten and since then contained an unchecked memcpy() that copied whatever public DH value the peer sent in its unauthenticated IKE_SA_INIT message to a buffer of 512 bytes on the stack, potentially causing a buffer overflow. The length is only limited by the maximum length for accepted IKE messages, which defaults to 10'000 bytes.

Remote code execution might be possible due to this issue.

As mentioned in the introduction, credit to Florian Picca at Stackered for finding this vulnerability and reporting it responsibly.

Mitigation

Setups that don't use charon-tkm as IKE daemon are not vulnerable.  Note that the charon-tkm version that supports multiple key exchanges is not vulnerable either (tkm-multi-ke branch, which will be released with strongSwan 6 in the future).

The just released strongSwan 5.9.12 fixes this vulnerability. For older releases, we provide patches that fix the vulnerability and should apply with appropriate hunk offsets.
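The missing length check described in the advisory quoted above, shown as an added C illustration. This is not strongSwan or charon-tkm code: the 512-byte buffer and the 10'000-byte message limit come from the advisory, while the group table, the all-zero rejection, and every function and type name (dh_expected_len, tkm_set_public_value_unchecked, tkm_set_public_value_checked, accept_ke_payload) are assumptions made for the example. The checked variant accepts a public value only when its length equals what the negotiated MODP group requires, which is exactly the kind of per-group verification the advisory says the set_other_public_value() implementation was supposed to perform.

```c
/* Added example (not strongSwan/charon-tkm code): the unchecked memcpy()
 * pattern described in the advisory next to a length-validated variant.
 * Buffer size (512) and message limit (10000) follow the advisory; the group
 * table, the zero-value check and all names are assumptions for illustration. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TKM_DH_BUF_SIZE 512     /* fixed-size stack buffer, per the advisory */
#define IKE_MAX_MSG_LEN 10000   /* default maximum accepted IKE message size */

/* Hypothetical subset of IKEv2 MODP groups and the byte length a public
 * value for that group must have (the length of the group's prime). */
typedef struct {
    uint16_t group;
    size_t   pub_len;
} dh_group_info_t;

static const dh_group_info_t groups[] = {
    { 14, 256 },   /* MODP_2048 */
    { 15, 384 },   /* MODP_3072 */
    { 16, 512 },   /* MODP_4096 */
};

/* Expected public value length for a group, 0 if the group is unknown. */
size_t dh_expected_len(uint16_t group) {
    for (size_t i = 0; i < sizeof(groups) / sizeof(groups[0]); i++) {
        if (groups[i].group == group) {
            return groups[i].pub_len;
        }
    }
    return 0;
}

/* Vulnerable pattern (CWE-121): the peer-controlled value is copied into the
 * caller's 512-byte stack buffer with no length check, so value_len is bounded
 * only by the maximum IKE message size. Shown for contrast; never call it with
 * an untrusted length. */
void tkm_set_public_value_unchecked(uint8_t *dst, const uint8_t *value, size_t value_len) {
    memcpy(dst, value, value_len);
}

/* Checked variant: accept the value only if its length is exactly what the
 * negotiated group requires (which also guarantees it fits dst) and it is not
 * all zeros. Returns false, leaving dst untouched, for anything else. */
bool tkm_set_public_value_checked(uint8_t *dst, uint16_t group,
                                  const uint8_t *value, size_t value_len) {
    size_t expected = dh_expected_len(group);
    if (expected == 0 || value_len != expected || expected > TKM_DH_BUF_SIZE) {
        return false;
    }
    uint8_t acc = 0;
    for (size_t i = 0; i < value_len; i++) {
        acc |= value[i];
    }
    if (acc == 0) {
        return false;
    }
    memcpy(dst, value, value_len);
    return true;
}

/* Simulates processing one KE payload from an IKE_SA_INIT: builds a constructed
 * public value of value_len bytes filled with `fill` and runs it through the
 * checked setter. Returns whether the value was accepted. */
bool accept_ke_payload(uint16_t group, size_t value_len, uint8_t fill) {
    uint8_t value[IKE_MAX_MSG_LEN];
    uint8_t dst[TKM_DH_BUF_SIZE];
    if (value_len > sizeof(value)) {
        return false;   /* larger than any message the daemon would accept */
    }
    memset(value, fill, value_len);
    return tkm_set_public_value_checked(dst, group, value, value_len);
}

int main(void) {
    /* A well-formed MODP_2048 value is accepted ... */
    printf("group 14, 256 bytes:  %s\n", accept_ke_payload(14, 256, 0xAB) ? "accepted" : "rejected");
    /* ... while an oversized value (the attack shape) is rejected before any copy. */
    printf("group 14, 9000 bytes: %s\n", accept_ke_payload(14, 9000, 0x41) ? "accepted" : "rejected");
    printf("group 16, 512 bytes:  %s\n", accept_ke_payload(16, 512, 0x01) ? "accepted" : "rejected");
    printf("group 16, 513 bytes:  %s\n", accept_ke_payload(16, 513, 0x01) ? "accepted" : "rejected");
    return 0;
}
```

The point of checking `value_len != expected` rather than `value_len > TKM_DH_BUF_SIZE` is that it ties acceptance to the negotiated group, so a 512-byte value sent for a MODP_2048 exchange is refused even though it would physically fit the buffer; a bare size cap would stop the overflow but still hand the TKM a malformed value.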
Comment 14 Maintenance Automation 2023-11-21 20:30:23 UTC
SUSE-SU-2023:4516-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1216901
CVE References: CVE-2023-41913
Sources used:
SUSE CaaS Platform 4.0 (src): strongswan-5.8.2-150000.4.23.2
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): strongswan-5.8.2-150000.4.23.2
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): strongswan-5.8.2-150000.4.23.2
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): strongswan-5.8.2-150000.4.23.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 15 Maintenance Automation 2023-11-21 20:30:25 UTC
SUSE-SU-2023:4515-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1216901
CVE References: CVE-2023-41913
Sources used:
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): strongswan-5.8.2-150200.11.42.2
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): strongswan-5.8.2-150200.11.42.2
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): strongswan-5.8.2-150200.11.42.2
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): strongswan-5.8.2-150200.11.42.2
SUSE Enterprise Storage 7.1 (src): strongswan-5.8.2-150200.11.42.2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): strongswan-5.8.2-150200.11.42.2
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): strongswan-5.8.2-150200.11.42.2
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): strongswan-5.8.2-150200.11.42.2
Comment 16 Maintenance Automation 2023-11-21 20:30:32 UTC
SUSE-SU-2023:4514-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1216901
CVE References: CVE-2023-41913
Sources used:
openSUSE Leap 15.4 (src): strongswan-5.9.11-150400.19.17.2
Basesystem Module 15-SP4 (src): strongswan-5.9.11-150400.19.17.2
SUSE Package Hub 15 15-SP4 (src): strongswan-5.9.11-150400.19.17.2
SUSE Linux Enterprise Workstation Extension 15 SP4 (src): strongswan-5.9.11-150400.19.17.2
Comment 17 Maintenance Automation 2023-11-22 16:30:04 UTC
SUSE-SU-2023:4529-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1216901
CVE References: CVE-2023-41913
Sources used:
openSUSE Leap 15.5 (src): strongswan-5.9.11-150500.5.6.1
Basesystem Module 15-SP5 (src): strongswan-5.9.11-150500.5.6.1
SUSE Package Hub 15 15-SP5 (src): strongswan-5.9.11-150500.5.6.1
SUSE Linux Enterprise Workstation Extension 15 SP5 (src): strongswan-5.9.11-150500.5.6.1
Comment 20 Mohd Saquib 2023-12-06 07:04:00 UTC
Assigning to security team