漏洞编号：CVE-2017-9022 Ubuntu Security Notification for Strongswan Vulnerabilities (USN-3301-1)

It was discovered that the strongSwan gmp plugin incorrectly validated RSA public keys.

It was discovered that strongSwan incorrectly parsed ASN.1 CHOICE types.

A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. (CVE-2017-9022)

A remote attacker could use this issue to cause strongSwan to hang, resulting in a denial of service. (CVE-2017-9023)

Refer to Ubuntu advisory USN-3301-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3301-1: 16.10 (Yakkety) on src (libstrongswan)

USN-3301-1: 16.04 (Xenial) on src (libstrongswan)

USN-3301-1: 16.10 (Yakkety) on src (strongswan-plugin-gmp)

USN-3301-1: 14.04 (Kylin) on src (strongswan-plugin-gmp)

USN-3301-1: 16.04 (Xenial) on src (strongswan)

USN-3301-1: 17.04 (zesty) on src (strongswan)

USN-3301-1: 17.04 (zesty) on src (libstrongswan)

USN-3301-1: 14.04 (Kylin) on src (libstrongswan)

USN-3301-1: 16.04 (Xenial) on src (strongswan-plugin-gmp)

USN-3301-1: 16.10 (Yakkety) on src (strongswan)

USN-3301-1: 14.04 (Kylin) on src (strongswan)