FreeBSD: VID-6a449a37-1570-11e8-8e00-000c294a5758 (CVE-2018-6459): strongswan - Insufficient input validation in RSASSA-PSS signature parser
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Feb 19, 2018 | Mar 2, 2018 | Mar 25, 2026 |
Description
strongSwan Release Notes report: Fixed a DoS vulnerability in the parser for PKCS#1 RSASSA-PSS signatures that was caused by insufficient input validation. One of the configurable parameters in algorithm identifier structures for RSASSA-PSS signatures is the mask generation function (MGF). Only MGF1 is currently specified for this purpose. However, this in turn takes itself a parameter that specifies the underlying hash function. strongSwan's parser did not correctly handle the case of this parameter being absent, causing an undefined data read. This vulnerability has been registered as CVE-2018-6459.
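The input-validation point above, shown as an added example (not strongSwan's code and not part of the advisory): a strict parser for the DER-encoded MGF algorithm identifier that rejects an absent MGF1 hash parameter instead of reading past the structure. The function names, the error class and the sample byte strings are assumptions constructed for illustration; only short-form DER lengths are handled.

```python
# Added example: strict parsing of a DER MaskGenAlgorithm (not strongSwan code).
ID_MGF1 = bytes.fromhex("2a864886f70d010108")        # OID 1.2.840.113549.1.1.8
HASH_OIDS = {
    bytes.fromhex("608648016503040201"): "sha256",   # OID 2.16.840.1.101.3.4.2.1
    bytes.fromhex("2b0e03021a"): "sha1",             # OID 1.3.14.3.2.26
}

class ParseError(ValueError):
    """Raised for any malformed or unsupported structure."""

def read_tlv(buf, pos, want_tag):
    """Return (value, next_pos) for one DER TLV; every read is bounds-checked."""
    if pos + 2 > len(buf):
        raise ParseError("truncated header")
    tag, length = buf[pos], buf[pos + 1]
    if tag != want_tag:
        raise ParseError(f"expected tag {want_tag:#x}, got {tag:#x}")
    if length & 0x80:
        raise ParseError("long-form length not handled in this example")
    end = pos + 2 + length
    if end > len(buf):
        raise ParseError("length exceeds buffer")
    return buf[pos + 2:end], end

def parse_mgf(der):
    """Parse SEQUENCE { OID id-mgf1, SEQUENCE { OID hash, ... } }; return hash name."""
    body, end = read_tlv(der, 0, 0x30)
    if end != len(der):
        raise ParseError("trailing data")
    oid, pos = read_tlv(body, 0, 0x06)
    if oid != ID_MGF1:
        raise ParseError("unsupported mask generation function")
    # The case the advisory describes: MGF1 present, its hash parameter missing.
    if pos == len(body):
        raise ParseError("MGF1 hash parameter absent")
    hash_alg, pos = read_tlv(body, pos, 0x30)
    if pos != len(body):
        raise ParseError("trailing data after MGF1 parameter")
    hash_oid, _ = read_tlv(hash_alg, 0, 0x06)
    if hash_oid not in HASH_OIDS:
        raise ParseError("unsupported MGF1 hash")
    return HASH_OIDS[hash_oid]

# Constructed sample inputs (not taken from any real certificate or packet).
GOOD = bytes.fromhex("301806092a864886f70d010108300b0609608648016503040201")
MISSING = bytes.fromhex("300b06092a864886f70d010108")  # id-mgf1 with no parameter
```
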
Solution
freebsd-upgrade-package-strongswan