A flaw was found in openswan v2.6.50. Improper signature verification for the RSASSA-PKCS1-v1_5 signature scheme in the try_RSA_signature_v2() function may leave it open to Bleichenbacher-style signature forgery attacks.
Upstream patch: https://github.com/xelerance/Openswan/pull/317#issuecomment-413738632
References: https://lists.openswan.org/pipermail/users/2018-August/023758.html
Note: this flaw only affects openswan versions compiled without NSS. When NSS is used as the cryptographic library, the RSA routines from NSS are used instead of the custom openswan RSA code that contains the vulnerability. RHEL has only ever shipped with NSS-enabled openswan versions, so no Red Hat products are vulnerable to this bug.
Statement: This flaw only affects openswan versions compiled without NSS. When NSS is used as the cryptographic library, the RSA routines from NSS are used instead of the custom openswan RSA code that contains the vulnerability. Red Hat Enterprise Linux has only ever shipped with NSS-enabled openswan versions, so no Red Hat products are vulnerable to this bug.
Upstream Advisory: https://lists.openswan.org/pipermail/users/2018-August/023761.html
Upstream Patch: https://github.com/xelerance/Openswan/commit/9eaa6c2a823c1d2b58913506a15f9474bf857a3d#diff-4fcbf41f558919d3296802fad6dce5a3
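The strict encoded-message check that RSASSA-PKCS1-v1_5 verification requires, shown next to a lenient parser of the kind Bleichenbacher-style forgery depends on. This is an added C example, not openswan's code or the upstream patch. It assumes SHA-256 and that the caller has already applied the RSA public-key operation to obtain EM; all function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2). */
static const uint8_t SHA256_PREFIX[19] = {
    0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,
    0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20 };

/* Lay out 00 01 PS 00 DigestInfo in em (caller ensures ps_len + 54 <= len).
 * ps_len == len - 54 fills em exactly; a smaller ps_len leaves trailing 0xAA
 * filler, which gives a constructed malformed sample for testing. */
void encode_em(uint8_t *em, size_t len, size_t ps_len, const uint8_t hash[32])
{
    memset(em, 0xAA, len);
    em[0] = 0x00; em[1] = 0x01;
    memset(em + 2, 0xFF, ps_len);
    em[2 + ps_len] = 0x00;
    memcpy(em + 3 + ps_len, SHA256_PREFIX, sizeof SHA256_PREFIX);
    memcpy(em + 3 + ps_len + sizeof SHA256_PREFIX, hash, 32);
}

/* Lenient check (generic illustration, not openswan's code): skips any run of
 * 0xFF and never checks that the hash ends exactly at the end of EM. */
int em_lenient_ok(const uint8_t *em, size_t len, const uint8_t hash[32])
{
    size_t i = 2;
    if (len < 2 || em[0] != 0x00 || em[1] != 0x01) return 0;
    while (i < len && em[i] == 0xFF) i++;
    if (i >= len || em[i++] != 0x00) return 0;
    if (len - i < sizeof SHA256_PREFIX + 32) return 0;
    return memcmp(em + i, SHA256_PREFIX, sizeof SHA256_PREFIX) == 0 &&
           memcmp(em + i + sizeof SHA256_PREFIX, hash, 32) == 0;
}

/* Strict check: rebuild the single valid EM for this hash and modulus size,
 * then compare every byte (encode-then-compare, RFC 8017 section 8.2.2). */
int em_strict_ok(const uint8_t *em, size_t len, const uint8_t hash[32])
{
    uint8_t expect[512], diff = 0;
    size_t i;
    if (len > sizeof expect || len < 54 + 8) return 0;  /* PS must be >= 8 bytes */
    encode_em(expect, len, len - 54, hash);
    for (i = 0; i < len; i++) diff |= (uint8_t)(em[i] ^ expect[i]);
    return diff == 0;
}
```

Comparing against a freshly encoded EM leaves no parsing decisions to get wrong: padding length, separator, DigestInfo and hash position are all fixed by the modulus size.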