2430429 – (CVE-2025-62291) CVE-2025-62291 strongswan: strongSwan: Arbitrary Code Execution and Denial of Service via crafted EAP-MSCHAPv2 message

Bug 2430429 (CVE-2025-62291) - CVE-2025-62291 strongswan: strongSwan: Arbitrary Code Execution and Denial of Service via crafted EAP-MSCHAPv2 message

Summary: CVE-2025-62291 strongswan: strongSwan: Arbitrary Code Execution and Denial of...

Keywords:
Status:	NEW
Alias:	CVE-2025-62291
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2430433 2430434 2430435 2430437 2430432 2430436
Blocks:
TreeView+	depends on / blocked

Reported:	2026-01-16 19:01 UTC by OSIDB Bzimport
Modified:	2026-01-16 19:46 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-01-16 19:01:55 UTC

In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow.

Note You need to log in before you can comment on or make changes to this bug.