strongSwan, IPSec-raws li VPN pob siv rau Linux, Android, FreeBSD, thiab macOS, muaj qhov tsis zoo (CVE-2023-41913) uas tuaj yeem siv rau kev ua haujlwm ntawm cov chaw taws teeb los ntawm tus neeg tawm tsam. Qhov tsis zoo yog vim muaj kab laum hauv cov txheej txheem charon-tkm nrog nws cov TKMv2 (Trusted Key Manager) kev siv ntawm Cov Kev Sib Pauv Tseem Ceeb (IKE) raws tu qauv, uas ua rau muaj qhov tsis txaus thaum ua cov txheej txheem tshwj xeeb DH (Diffie–Hellman) cov txiaj ntsig. Qhov tsis zoo tsuas yog tshwm sim ntawm cov tshuab siv charon-tkm thiab muaj zogSwan tso tawm pib txij 5.3.0. Qhov teeb meem yog kho nyob rau hauv lub zog Swan 5.9.12 hloov tshiab. Txhawm rau txhim kho qhov tsis zoo hauv cov ceg pib txij li 5.3.x, thaj ua rau thaj kuj tau npaj.
Qhov yuam kev yog tshwm sim los ntawm kev tsis tshuaj xyuas qhov loj ntawm pej xeem Diffie-Hellman qhov tseem ceeb ua ntej luam lawv mus rau qhov tsis muaj qhov loj me ntawm pawg. Kev hla dhau tuaj yeem pib los ntawm kev xa cov lus tshwj xeeb IKE_SA_INIT uas tau ua tiav yam tsis muaj kev lees paub. Nyob rau hauv cov laus versions ntawm strongSwan, qhov luaj li cas xyuas yog nqa tawm nyob rau hauv lub KE payload handler (Key Exchange), tab sis nyob rau hauv version 5.3.0 kev hloov pauv tau ntxiv uas tau txav daim tshev ntawm cov nqi pej xeem mus rau sab ntawm DH raws tu qauv handler ( Diffie-Hellman) thiab ntxiv cov haujlwm tseem ceeb los ua kom yooj yim tshawb xyuas qhov siv tau ntawm pawg paub D.H. Vim muaj kev saib xyuas, lawv tsis nco qab ntxiv cov kev kuaj xyuas tshiab rau cov txheej txheem charon-tkm, uas ua haujlwm raws li tus neeg sawv cev ntawm IKE txheej txheem thiab TKM (Trusted Key Manager), uas yog vim li cas memcpy() muaj nuj nqi tsis raug txheeb xyuas. uas tso cai rau 512 bytes sau rau 10000-byte tsis cov ntaub ntawv.
Tau qhov twg los: opennet.ru