Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Old strongSwan Software Allows Hackers to Crash Systems
MGASA-2026-0072
Summary
Old versions of strongSwan VPN software have a security flaw that could allow hackers to crash systems or take control of them. This affects systems using outdated strongSwan versions. Update to the latest version to fix the issue.
What to do
- Update strongswan to version 5.9.14-1.2.mga9.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | strongswan | <= 5.9.14-1.2.mga9 | 5.9.14-1.2.mga9 |
Original title
Updated strongswan packages fix security vulnerability
Original description
strongSwan 4.5.0 < 6.0.5 EAP-TTLS AVP Parsing Integer Underflow.
(CVE-2026-25075)
(CVE-2026-25075)
- https://advisories.mageia.org/MGASA-2026-0072.html Vendor Advisory
- https://bugs.mageia.org/show_bug.cgi?id=35265 Third Party Advisory
- https://lists.debian.org/debian-security-announce/2026/msg00085.html Third Party Advisory
- https://ubuntu.com/security/notices/USN-8117-1 Third Party Advisory
- https://lists.opensuse.org/archives/list/[email protected]/me... Third Party Advisory
Published: 29 Mar 2026 · Updated: 29 Mar 2026 · First seen: 29 Mar 2026