1408 matches found
[SECURITY] Fedora 43 Update: strongswan-6.0.7-2.fc43
The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel...
[SECURITY] Fedora 44 Update: strongswan-6.0.7-1.fc44
The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel...
SUSE-SU-2026:22168-1 Security update for strongswan
This update for strongswan fixes the following issue - CVE-2026-47895: Double-Free When Destroying Certain Cloned Identities bsc1266360...
OPENSUSE-SU-2026:21092-1 Security update for strongswan
This update for strongswan fixes the following issue - CVE-2026-47895: Double-Free When Destroying Certain Cloned Identities bsc1266360...
SUSE SLES15 Security Update : strongswan (SUSE-SU-2026:2368-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2368-1 advisory. This update for strongswan fixes the following issues - CVE-2026-35328: infinite loop when handling supported versions TLS extensio...
SUSE SLES12 Security Update : strongswan (SUSE-SU-2026:2312-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2312-1 advisory. This update for strongswan fixes the following issue - CVE-2026-47895: double-free when destroying certain cloned identities bsc1266360. Tenable has...
strongswan-6.0.7-1.1 on GA media (moderate)
strongswan-6.0.7-1.1 on GA media Announcement ID: openSUSE-SU-2026:11005-1 Rating: moderate Cross-References: CVE-2026-47895 CVSS scores: CVE-2026-47895 SUSE : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-47895 SUSE : 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:...
Security update for strongswan
This update for strongswan fixes the following issues CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attribut...
SUSE-SU-2026:2368-1 Security update for strongswan
This update for strongswan fixes the following issues - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. - CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...
Debian dsa-6330 : charon-cmd - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6330 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6330-1 [email protected] https://www.debian.org/security/...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : strongSwan vulnerability (USN-8407-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8407-1 advisory. Elliott Childre discovered that strongSwan incorrectly handled the cloning of certain identities. A remote attacker could use this...
OPENSUSE-SU-2026:11005-1 strongswan-6.0.7-1.1 on GA media
These are all security issues fixed in the strongswan-6.0.7-1.1 package on the GA media of openSUSE Tumbleweed...
Security update for strongswan
This update for strongswan fixes the following issue CVE-2026-47895: double-free when destroying certain cloned identities bsc1266360. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...
SUSE-SU-2026:2312-1 Security update for strongswan
This update for strongswan fixes the following issue - CVE-2026-47895: double-free when destroying certain cloned identities bsc1266360...
FreeBSD : strongSwan -- Double-free when destroying certain cloned identities that can lead to remote code execution (a207a367-6359-11f1-8c57-000af7b98cf6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a207a367-6359-11f1-8c57-000af7b98cf6 advisory. R. Elliott Childre reports: The clone method of the identificationt class doesn't correctly handle...
USN-8407-1 strongswan vulnerability
Elliott Childre discovered that strongSwan incorrectly handled the cloning of certain identities. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-8407-1: strongSwan vulnerability
Elliott Childre discovered that strongSwan incorrectly handled the cloning of certain identities. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code...
[SECURITY] [DSA 6330-1] strongswan security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6330-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez June 08, 2026 https://www.debian.org/security/faq -...
strongSwan -- Double-free when destroying certain cloned identities that can lead to remote code execution
R. Elliott Childre reports: The clone method of the identificationt class doesn't correctly handle identities that have an empty but non-NULL encoding. Both objects will point to the same location, resulting in a double-free once the second object is destroyed. This can lead to a crash and could...
SUSE SLES15 Security Update : strongswan (SUSE-SU-2026:2197-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2197-1 advisory. - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329: null pointer dereferen...