openSUSE StrongSwan Important Security Patch CVE-2026-35328 CVE-2026-35329
suse
June 11, 2026
An update that solves eight vulnerabilities can now be installed.
Summary
## This update for strongswan fixes the following issues * CVE-2026-35328: infinite loop when handling supported versions TLS extension (bsc#1261712). * CVE-2026-35329: null pointer dereference when processing padding in PKCS#7 (bsc#1261717). * CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attributes (bsc#1261705). * CVE-2026-35331: accepting certificates violating name constraints (bsc#1261718). * CVE-2026-35332: null pointer dereference when handling ECDH public value in TLS (bsc#1261708). * CVE-2026-35333: integer underflow when handling RADIUS attributes (bsc#1261706). * CVE-2026-35334: possible null pointer dereference in RSA decryption (bsc#1261720). * CVE-2026-47895: double-free when destroying certain cloned identities (bsc#1266360). ## Patch Instructions:
Topics Covered
References
* bsc#1261705
* bsc#1261706
* bsc#1261708
* bsc#1261712
* bsc#1261717
* bsc#1261718
* bsc#1261720
* bsc#1266360
Cross-
* CVE-2026-35328
* CVE-2026-35329
* CVE-2026-35330
* CVE-2026-35331
* CVE-2026-35332
* CVE-2026-35333
* CVE-2026-35334
* CVE-2026-47895
CVSS scores:
* CVE-2026-35328 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-35328 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-35329 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-35329 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-35330 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2026:2368-1
Release Date: 2026-06-11T12:22:00Z
Rating: important
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!