{"id":"CVE-2018-15836","details":"In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used. IKEv2 signature verification is affected when RAW RSA keys are used.","modified":"2026-04-11T12:27:42.573786Z","published":"2018-09-26T21:29:00.913Z","references":[{"type":"ADVISORY","url":"https://lists.openswan.org/pipermail/users/2018-August/023761.html"},{"type":"FIX","url":"https://github.com/xelerance/Openswan/commit/9eaa6c2a823c1d2b58913506a15f9474bf857a3d"},{"type":"FIX","url":"https://github.com/xelerance/Openswan/commit/0b460be9e287fd335c8ce58129c67bf06065ef51"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/xelerance/openswan","events":[{"introduced":"0"},{"fixed":"0b460be9e287fd335c8ce58129c67bf06065ef51"},{"fixed":"9eaa6c2a823c1d2b58913506a15f9474bf857a3d"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.6.50.1"}]}}],"versions":["v2.5.01","v2.5.03","v2.6.01","v2.6.03","v2.6.07","v2.6.14","v2.6.15","v2.6.16","v2.6.18","v2.6.19","v2.6.20","v2.6.21","v2.6.23","v2.6.24","v2.6.26","v2.6.29","v2.6.32","v2.6.34","v2.6.36","v2.6.37","v2.6.38","v2.6.40","v2.6.42","v2.6.43","v2.6.44","v2.6.45","v2.6.46","v2.6.47","v2.6.47.1","v2.6.48","v2.6.49","v2.6.50"],"database_specific":{"vanir_signatures":[{"id":"CVE-2018-15836-1ac51d67","digest":{"function_hash":"236529740792023782679289609660264815960","length":900},"signature_version":"v1","target":{"file":"lib/liboswkeys/signatures.c","function":"verify_signed_hash"},"source":"https://github.com/xelerance/openswan/commit/9eaa6c2a823c1d2b58913506a15f9474bf857a3d","deprecated":false,"signature_type":"Function"},{"id":"CVE-2018-15836-2d94594d","digest":{"line_hashes":["257282234818150788343041657178393295120","142560450995371773859260608519618091601","96950459911695153985521605877857233650","81033830470151624835191227279492282264"],"threshold":0.9},"signature_version":"v1","target":{"file":"lib/liboswkeys/signatures.c"},"source":"https://github.com/xelerance/openswan/commit/9eaa6c2a823c1d2b58913506a15f9474bf857a3d","deprecated":false,"signature_type":"Line"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-15836.json","vanir_signatures_modified":"2026-04-11T12:27:42Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}