Strongswan · Strongswan · CVE-2014-9221
**Name of the Vulnerable Software and Affected Versions**
strongSwan versions 4.5.x through 5.2.x before 5.2.1
**Description**
The issue allows remote attackers to cause a denial of service, specifically an invalid pointer dereference, by sending a crafted IKEv2 Key Exchange message that utilizes Diffie-Hellman group 1025.
**Recommendations**
For strongSwan versions 4.5.x through 5.2.x before 5.2.1, update to version 5.2.1 or later to resolve the issue.