FreeBSD: VID-6a449a37-1570-11e8-8e00-000c294a5758 (CVE-2018-6459): strongswan - Insufficient input validation in RSASSA-PSS signature parser
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Feb 19, 2018 | Mar 2, 2018 | Dec 10, 2025 |
Description
The strongSwan release notes report: Fixed a DoS vulnerability in the parser for PKCS#1 RSASSA-PSS signatures that was caused by insufficient input validation. One of the configurable parameters in algorithm identifier structures for RSASSA-PSS signatures is the mask generation function (MGF). Only MGF1 is currently specified for this purpose. However, this in turn takes itself a parameter that specifies the underlying hash function. strongSwan's parser did not correctly handle the case of this parameter being absent, causing an undefined data read. This vulnerability has been registered as CVE-2018-6459.
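The check the description calls for, as an added example (not strongSwan's code or its actual fix): a DER parser for the maskGenAlgorithm AlgorithmIdentifier that rejects an MGF1 identifier whose hash parameter is absent instead of reading past it. The names `read_tlv`, `parse_mgf1_hash` and the sample arrays are hypothetical, and only short-form DER lengths are handled.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* id-mgf1 (1.2.840.113549.1.1.8), OID contents without tag/length */
static const uint8_t OID_MGF1[] = {0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08};
/* Constructed samples: MGF1 with SHA-256 parameters, and MGF1 with none */
static const uint8_t SAMPLE_OK[] = {0x30,0x1A,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,
    0x0D,0x01,0x01,0x08,0x30,0x0D,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,
    0x02,0x01,0x05,0x00};
static const uint8_t SAMPLE_ABSENT[] = {0x30,0x0B,0x06,0x09,0x2A,0x86,0x48,0x86,
    0xF7,0x0D,0x01,0x01,0x08};

/* Read one TLV with the expected tag from [*p, end); short-form lengths only
 * (a simplification). Sets *val and *n, and advances *p past the element. */
static int read_tlv(const uint8_t **p, const uint8_t *end, uint8_t tag,
                    const uint8_t **val, size_t *n)
{
    if (end - *p < 2 || (*p)[0] != tag || ((*p)[1] & 0x80) ||
        (size_t)(end - *p - 2) < (*p)[1])
        return -1;                        /* truncated, wrong tag or overlong */
    *val = *p + 2;
    *n = (*p)[1];
    *p += 2 + *n;
    return 0;
}

/* Parse a maskGenAlgorithm AlgorithmIdentifier; on success (0) *hash/*hash_len
 * point at the hash OID inside the MGF1 parameters. Returns -1 on any error. */
int parse_mgf1_hash(const uint8_t *buf, size_t len,
                    const uint8_t **hash, size_t *hash_len)
{
    const uint8_t *p = buf, *end = buf + len, *v;
    size_t n;

    if (read_tlv(&p, end, 0x30, &v, &n) || p != end)
        return -1;
    p = v; end = v + n;
    if (read_tlv(&p, end, 0x06, &v, &n) || n != sizeof(OID_MGF1) ||
        memcmp(v, OID_MGF1, n) != 0)
        return -1;                        /* only MGF1 is specified */
    if (p == end)
        return -1;                        /* parameters absent: reject here */
    if (read_tlv(&p, end, 0x30, &v, &n) || p != end)
        return -1;
    p = v; end = v + n;
    return (read_tlv(&p, end, 0x06, hash, hash_len) || *hash_len == 0) ? -1 : 0;
}
```

The caller must treat -1 as a failed signature scheme parse and must not use `hash` or `hash_len` in that case.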
Solution
freebsd-upgrade-package-strongswan