strongSwan
cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*
- >= 4.5.0, < 6.0.5
An integer underflow vulnerability has been identified in the strongSwan VPN software, affecting versions from 4.5.0 up to, but not including, 6.0.5. The vulnerability resides in the EAP-TTLS AVP parser, where the absence of proper length validation allows unauthenticated remote attackers to send crafted AVP data during IKEv2 authentication. Exploitation of this flaw can cause excessive memory allocation or a NULL pointer dereference, leading to a crash of the charon IKE daemon.
Crashing the charon IKE daemon, which is responsible for handling IKEv2 negotiations, causes a denial-of-service condition and can disrupt active VPN connections.
Users can upgrade to strongSwan version 6.0.5 or apply the available patch for older releases. The patch can be downloaded from the strongSwan security patch repository.
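The kind of length validation the description refers to, as an added C example that is not strongSwan's code or its patch. It assumes the EAP-TTLS AVP layout from RFC 5281 (4-byte code, 1-byte flags, 24-bit length that counts the header, optional 4-byte Vendor-ID); `avp_parse` and the sample arrays are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>

#define AVP_HDR_LEN     8u     /* code (4) + flags (1) + length (3) */
#define AVP_VENDOR_LEN  4u     /* Vendor-ID, present when the V flag is set */
#define AVP_FLAG_VENDOR 0x80u

/* Constructed samples: a well-formed 12-byte AVP, and one claiming length 4 */
static const uint8_t sample_ok[]    = {0,0,0,1, 0x40, 0,0,12, 'u','s','e','r'};
static const uint8_t sample_short[] = {0,0,0,1, 0x40, 0,0,4,  'u','s','e','r'};

/* Hypothetical helper: parse one AVP header from buf and report where its
 * data lies. Returns 0 on success, -1 if the AVP is malformed. */
int avp_parse(const uint8_t *buf, size_t buf_len,
              uint32_t *code, const uint8_t **data, size_t *data_len)
{
    size_t hdr_len = AVP_HDR_LEN;
    uint32_t avp_len;

    if (buf == NULL || buf_len < AVP_HDR_LEN)
        return -1;                      /* not even a full header */

    *code = (uint32_t)buf[0] << 24 | (uint32_t)buf[1] << 16 |
            (uint32_t)buf[2] << 8 | buf[3];
    if (buf[4] & AVP_FLAG_VENDOR)
        hdr_len += AVP_VENDOR_LEN;
    /* 24-bit length field; it covers the header as well as the data */
    avp_len = (uint32_t)buf[5] << 16 | (uint32_t)buf[6] << 8 | buf[7];

    /* Without the first test, avp_len - hdr_len wraps to a huge unsigned
     * value; without the second, the data would extend past the buffer. */
    if (avp_len < hdr_len || avp_len > buf_len)
        return -1;

    *data = buf + hdr_len;
    *data_len = avp_len - hdr_len;      /* safe: avp_len >= hdr_len */
    return 0;
}

int main(void)
{
    uint32_t code; const uint8_t *d; size_t n;
    int r1 = avp_parse(sample_ok, sizeof sample_ok, &code, &d, &n);
    int r2 = avp_parse(sample_short, sizeof sample_short, &code, &d, &n);
    return (r1 == 0 && r2 == -1) ? 0 : 1;
}
```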