[Pkg-swan-devel] Bug#1120004: strongswan: CVE-2025-62291
Salvatore Bonaccorso
carnil at debian.org
Mon Nov 3 19:54:13 GMT 2025
Source: strongswan
Version: 6.0.2-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Hi,
The following vulnerability was published for strongswan.
CVE-2025-62291[0]:
| A vulnerability in the eap-mschapv2 plugin related to processing
| Failure Request packets on the client was discovered in strongSwan
| that can result in a heap-based buffer overflow and potentially remote
| code execution.
(just filling for visibility, alls security supported suites are
already been fixed)
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-62291
https://www.cve.org/CVERecord?id=CVE-2025-62291
[1] https://www.strongswan.org/blog/2025/10/27/strongswan-vulnerability-(cve-2025-62291).html
Regards,
Salvatore
-- System Information:
Debian Release: forky/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 6.16.12+deb14+1-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
More information about the Pkg-swan-devel
mailing list