1409 matches found
SUSE SLED15 / SLES15 Security Update : strongswan (SUSE-SU-2026:0980-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0980-1 advisory. - CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472. Tenable has extracted the preceding...
CVE-2026-25075
A flaw was found in strongSwan. An unauthenticated remote attacker can exploit an integer underflow vulnerability in the EAP-TTLS AVP Attribute-Value Pair parser. By sending specially crafted AVP data with invalid length fields during IKEv2 Internet Key Exchange version 2 authentication, the...
strongSwan 4.5.0 < 6.0.5 DoS Vulnerability
strongSwan is prone to a denial of service DoS vulnerability. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Ubuntu: Security Advisory (USN-8117-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-6176-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EUVD-2026-14477
strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the...
CVE-2026-25075
The CVE-2026-25075 issue is an integer underflow in strongSwan’s EAP-TTLS AVP parser affecting versions 4.5.0 through 6.0.4, which can crash the charon IKE daemon (DoS) via crafted AVP length fields during IKEv2 authentication. Mitigation: upgrade to strongSwan 6.0.5 or later (as confirmed by Mag...
CVE-2026-25075
strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the...
CVE-2026-25075
strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the...
CVE-2026-25075 strongSwan 4.5.0 < 6.0.5 EAP-TTLS AVP Parsing Integer Underflow
strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the...
CVE-2026-25075 strongSwan 4.5.0 < 6.0.5 EAP-TTLS AVP Parsing Integer Underflow
strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the...
CVE-2026-25075 strongSwan 4.5.0 < 6.0.5 EAP-TTLS AVP Parsing Integer Underflow
strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the...
[SECURITY] [DSA 6176-1] strongswan security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6176-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez March 23, 2026 https://www.debian.org/security/faq -...
Security update for strongswan
This update for strongswan fixes the following issues: CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
SUSE-SU-2026:0981-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472...
Security update for strongswan
This update for strongswan fixes the following issues: CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
SUSE-SU-2026:0980-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472...
Security update for strongswan
This update for strongswan fixes the following issues: CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
SUSE-SU-2026:0979-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472...
Security update for strongswan
This update for strongswan fixes the following issues: CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472. Other bug fixes: -Fix rpm scripts to not break swanctl.conf use bsc1256442: Guard rpm migration scripts migrating strongswan.service using ipsec.conf on less than...