Packages
- strongswan - IPsec VPN solution
Details
Xu Biang discovered that the strongSwan client incorrectly handled
EAP-MSCHAPv2 failure requests. If a user or automated system were tricked
into connecting to a malicious server, a remote attacker could use this
issue to cause strongSwan to crash, resulting in a denial of service, or
possibly execute arbitrary code.
Xu Biang discovered that the strongSwan client incorrectly handled
EAP-MSCHAPv2 failure requests. If a user or automated system were tricked
into connecting to a malicious server, a remote attacker could use this
issue to cause strongSwan to crash, resulting in a denial of service, or
possibly execute arbitrary code.
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 25.10 questing | libstrongswan – 6.0.1-6ubuntu4.1 | ||
| strongswan – 6.0.1-6ubuntu4.1 | |||
| 25.04 plucky | libstrongswan – 5.9.13-2ubuntu4.25.04.1 | ||
| strongswan – 5.9.13-2ubuntu4.25.04.1 | |||
| 24.04 LTS noble | libstrongswan – 5.9.13-2ubuntu4.24.04.1 | ||
| strongswan – 5.9.13-2ubuntu4.24.04.1 | |||
| 22.04 LTS jammy | libstrongswan – 5.9.5-2ubuntu2.4 | ||
| strongswan – 5.9.5-2ubuntu2.4 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.