Debian Security Update DSA-6227-1 strongswan - security update

LinuxBot

Multiple vulnerabilities were fixed in strongSwan, an IKE/IPsec suite.
CVE-2026-35328
A vulnerability in libtls related to the processing of the supported_versions extension in TLS that can result in an infinite loop.
CVE-2026-35329
Vulnerabilities in libstrongswan and the pkcs7 plugin related to the processing of encrypted PKCS#7 containers that can result in a crash.
CVE-2026-35330
A vulnerability in libsimaka related to the processing of certain EAP-SIM/AKA attributes that can result in an infinite loop or a heap-based buffer overflow and potentially remote code execution.
CVE-2026-35331
A vulnerability in the constraints plugin related to the processing of X.509 name constraints that can allow authentication with certificates that violate the constraints.
CVE-2026-35332
A vulnerability in libtls related to the processing of ECDH public values in TLS < 1.3 that can result in a crash.
CVE-2026-35333
A vulnerability in libradius related to the processing of RADIUS attributes that can result in an infinite loop or an out-of-bounds read that may cause a crash.
CVE-2026-35334
A vulnerability in the gmp plugin related to RSA decryption that can result in a crash.
https://security-tracker.debian.org/tracker/DSA-6227-1
