Bug 1039514 - (CVE-2017-9022) VUL-0: CVE-2017-9022: strongswan: Insufficient Input Validation in gmp Plugin
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Version: unspecified
Hardware: Other / Other
Priority: P3 - Medium, Severity: Normal
Assigned To: Madhu Mohan Nelemane
Security Team bot
https://smash.suse.de/issue/185415/
CVSSv3:SUSE:CVE-2017-9022:5.9:(AV:N/A...
Reported: 2017-05-17 13:24 UTC by Alexander Bergmann
Modified: 2019-12-05 16:56 UTC (History)
Comment 5 Marcus Meissner 2017-05-29 11:06:05 UTC
CRD: 2017-05-30 12:00 UTC
Comment 6 Marcus Meissner 2017-05-31 11:40:12 UTC
went public

https://wiki.strongswan.org/versions/65


    Fixed a DoS vulnerability in the gmp plugin that was caused by insufficient input
    validation when verifying RSA signatures. More specifically, mpz_powm_sec() has two
    requirements regarding the passed exponent and modulus that the plugin did not
    enforce; if these are not met, the calculation will result in a floating point exception
    that crashes the whole process.
    This vulnerability has been registered as CVE-2017-9022.
    Please refer to our blog for details.

https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9022).html
A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions since 4.4.0 are affected.

We recently started fuzzing some of our plugins using Google's OSS-Fuzz infrastructure. Among the bugs that were discovered, two may lead to denial-of-service attacks. The one described in this article affects the gmp plugin, the other the ASN.1 parser in combination with the x509 plugin (described in a separate article).
Insufficient Input Validation in gmp Plugin

RSA public keys passed to the gmp plugin aren't validated sufficiently before attempting signature verification, so that invalid input might lead to a floating point exception. Affected are all strongSwan versions since 4.4.0, up to and including 5.5.2.

CVE-2017-9022 has been assigned for this vulnerability.

With strongSwan 4.4.0 the gmp plugin started to use mpz_powm_sec(), if available, for side-channel-free exponentiation. Compared to mpz_powm() this function has two additional requirements regarding the passed exponent and modulus: The exponent must be larger than zero and the modulus must be odd. If these requirements are not met the calculations performed by libgmp will result in a floating point exception that crashes the whole process. Until now the plugin simply replaced mpz_powm() with mpz_powm_sec() without any additional input checks. So a certificate with an appropriately prepared public key sent by a peer could be used for a denial-of-service attack.

Remote code execution is not possible due to this issue.

Credit to OSS-Fuzz for finding this vulnerability, and to Sven Defatsch for setting up the integration and creating the fuzz target.
Fix

Installations that don't have the gmp plugin enabled and loaded are not vulnerable.

The just released strongSwan 5.5.3 fixes this vulnerability. For older releases we provide a patch that fixes the vulnerability and should apply with appropriate hunk offsets.
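The blog quoted above states the two preconditions of mpz_powm_sec() that the gmp plugin failed to enforce: the exponent must be larger than zero and the modulus must be odd. The following is an added example, not strongSwan's code and not the upstream patch; it takes a public key already decoded to integers (e, n), checks those two preconditions in Python, and turns a malformed key into a catchable error instead of letting it reach the exponentiation. The toy key values and the hostile keys are constructed for the demo; Python's pow() would not crash on them, so the check itself is the point.

```python
"""Input validation for RSA public-key parameters before constant-time modular
exponentiation, modelled on the gmp plugin issue described above.

Added example, not strongSwan's code. It works on a public key already decoded
to integers (e, n) and mimics in Python the two libgmp preconditions the blog
names for mpz_powm_sec(): exponent > 0 and an odd modulus.
"""


class InvalidPublicKey(ValueError):
    """Raised when an untrusted RSA public key would violate the preconditions."""


def powm_sec_violations(exponent: int, modulus: int) -> list:
    """Return the mpz_powm_sec() preconditions this (e, n) pair violates.

    An empty list means the key is safe to hand to a constant-time powm.
    """
    problems = []
    if exponent <= 0:
        problems.append("exponent must be larger than zero")
    if modulus % 2 == 0:
        problems.append("modulus must be odd")
    return problems


def rsa_verify_checked(signature: int, exponent: int, modulus: int, expected: int) -> bool:
    """Verify a textbook RSA signature, rejecting malformed keys up front.

    Without the up-front check an even modulus or zero exponent reaches the math
    library; with mpz_powm_sec() that meant a fatal floating point exception.
    Here the same input raises InvalidPublicKey, which the caller can log and
    treat as an authentication failure for that peer.
    """
    problems = powm_sec_violations(exponent, modulus)
    if problems:
        raise InvalidPublicKey("; ".join(problems))
    if not 0 <= signature < modulus:
        raise InvalidPublicKey("signature is not in the range [0, n)")
    # s^e mod n recovers the signed value; a real implementation compares a
    # padded encoding of the message hash here rather than a bare integer.
    return pow(signature, exponent, modulus) == expected


# Constructed demo values: the toy RSA key p=61, q=53 -> n=3233, e=17, d=2753.
# Signing the value 2790 with d gives s = 65, because 65^17 mod 3233 == 2790.
GOOD_KEY = (17, 3233)
TOY_SIGNATURE = 65
TOY_EXPECTED = 2790

# Constructed malformed keys of the kind a peer-supplied certificate could carry:
# an even modulus and a zero exponent.
EVEN_MODULUS_KEY = (17, 3232)
ZERO_EXPONENT_KEY = (0, 3233)


def demo() -> dict:
    """Run the three cases and report the outcome of each as a short string."""
    results = {}
    cases = (("good", GOOD_KEY),
             ("even_modulus", EVEN_MODULUS_KEY),
             ("zero_exponent", ZERO_EXPONENT_KEY))
    for name, (e, n) in cases:
        try:
            ok = rsa_verify_checked(TOY_SIGNATURE, e, n, TOY_EXPECTED)
            results[name] = "valid" if ok else "bad signature"
        except InvalidPublicKey as exc:
            results[name] = f"rejected: {exc}"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The rejection path is deliberately a separate step from the arithmetic: in a daemon, anything parsed from a peer's certificate should be rejected at the boundary with a loggable reason, so that a malformed key costs one failed IKE authentication rather than the whole process. The toy key is far too small for real use and exists only to make the arithmetic checkable by hand.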
Comment 7 Marcus Meissner 2017-05-31 11:42:36 UTC
Please submit for opensuse, leap and factory.
Comment 8 Swamp Workflow Management 2017-06-01 16:09:49 UTC
SUSE-SU-2017:1471-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1039514,1039515
CVE References: CVE-2017-9022,CVE-2017-9023
Sources used:
SUSE Linux Enterprise Server 11-SP4 (src):    strongswan-4.4.0-6.35.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    strongswan-4.4.0-6.35.1
Comment 9 Swamp Workflow Management 2017-06-01 16:11:26 UTC
SUSE-SU-2017:1473-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1039514,1039515,985012
CVE References: CVE-2017-9022,CVE-2017-9023
Sources used:
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    strongswan-5.1.3-25.1
SUSE Linux Enterprise Server 12-SP2 (src):    strongswan-5.1.3-25.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    strongswan-5.1.3-25.1
Comment 10 Marcus Meissner 2017-10-25 19:14:36 UTC
Please submit for opensuse, leap and factory.
Comment 11 Wolfgang Frisch 2019-12-05 16:56:12 UTC
Fixed in all supported SUSE distributions.
Fixed in all supported openSUSE distributions.