https://feed.craftedsignal.io/tags/strongswan/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioTue, 24 Mar 2026 12:00:00 +0000https://feed.craftedsignal.io/briefs/2026-03-strongswan-dos/Tue, 24 Mar 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-strongswan-dos/An integer underflow vulnerability in strongSwan's EAP-TTLS AVP parser allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication, leading to excessive memory allocation or a NULL pointer dereference.<p>The strongSwan VPN suite is susceptible to an integer underflow vulnerability (CVE-2026-25075) affecting versions 4.5.0 up to 6.0.4. This flaw resides within the EAP-TTLS AVP (Attribute Value Pair) parser. A remote, unauthenticated attacker can exploit this vulnerability by sending specifically crafted AVP data during the IKEv2 (Internet Key Exchange version 2) authentication process. Successful exploitation leads to a denial-of-service condition due to excessive memory allocation or a NULL…</p> highadvisorydenial-of-serviceinteger-underflowstrongSwanCVE-2026-25075