PT-2025-44223 · Unknown+3 · Charon-Systemd+16
Published
2025-01-01
·
Updated
2026-01-22
·
CVE-2025-62291
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
strongSwan versions 5.9.13-2ubuntu4.25.04.1
Description
The strongSwan client had an incorrect handling of EAP-MSCHAPv2 failure requests. An attacker could potentially cause a denial of service, or possibly execute arbitrary code, by tricking a user or automated system into connecting to a malicious server.
Recommendations
Run
sudo pro fix USN-7841-1 to fix the vulnerability.
Update to the following package versions:
charon-cmd - 5.9.13-2ubuntu4.25.04.1
charon-systemd - 5.9.13-2ubuntu4.25.04.1
libcharon-extauth-plugins - 5.9.13-2ubuntu4.25.04.1
libcharon-extra-plugins - 5.9.13-2ubuntu4.25.04.1
libstrongswan - 5.9.13-2ubuntu4.25.04.1
libstrongswan-extra-plugins - 5.9.13-2ubuntu4.25.04.1
libstrongswan-standard-plugins - 5.9.13-2ubuntu4.25.04.1
strongswan - 5.9.13-2ubuntu4.25.04.1
strongswan-charon - 5.9.13-2ubuntu4.25.04.1
strongswan-libcharon - 5.9.13-2ubuntu4.25.04.1
strongswan-nm - 5.9.13-2ubuntu4.25.04.1
strongswan-pki - 5.9.13-2ubuntu4.25.04.1
strongswan-starter - 5.9.13-2ubuntu4.25.04.1
strongswan-swanctl - 5.9.13-2ubuntu4.25.04.1Fix
DoS
Integer Underflow
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linuxmint
Red Os
Ubuntu
Charon-Cmd
Charon-Systemd
Libcharon-Extauth-Plugins
Libcharon-Extra-Plugins
Libstrongswan
Libstrongswan-Extra-Plugins
Libstrongswan-Standard-Plugins
Strongswan
Strongswan-Charon
Strongswan-Libcharon
Strongswan-Nm
Strongswan-Pki
Strongswan-Starter
Strongswan-Swanctl