
Debian DSA-6227-1 StrongSwan Critical Infinite Loop Crash Vulnerabilities

April 22, 2026
Critical security fixes for multiple vulnerabilities in strongSwan affect Debian users. Immediate update is recommended.
Multiple vulnerabilities were fixed in strongSwan, an IKE/IPsec suite.

Summary

CVE-2026-35328

A vulnerability in libtls related to the processing of the
supported_versions extension in TLS that can result in an infinite
loop.

CVE-2026-35329

Vulnerabilities in libstrongswan and the pkcs7 plugin related to the
processing of encrypted PKCS#7 containers that can result in a crash.

CVE-2026-35330

A vulnerability in libsimaka related to the processing of certain
EAP-SIM/AKA attributes that can result in an infinite loop or a
heap-based buffer overflow and potentially remote code execution.

CVE-2026-35331

A vulnerability in the constraints plugin related to the processing of
X.509 name constraints that can allow authentication with certificates
that violate the constraints.

CVE-2026-35332

A vulnerability in libtls related to the processing of ECDH public
values in TLS < 1.3 that can result in a crash.

CVE-2026-35333

A vulnerability in libradius related to the processing of RADIUS
attributes that can result in an infinite loop o...


Severity: critical

Package: strongswan
CVE ID: CVE-2026-35328, CVE-2026-35329, CVE-2026-35330, CVE-2026-35331
