A flaw was found in strongSwan VPN's charon server prior to version 5.6.3. In stroke_socket.c, a missing packet length check could allow an integer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. A remote attacker with local user credentials (possibly a normal user in the vpn group, or root) may be able to overflow the buffer and cause a denial of service.
Created strongswan tracking bugs for this issue:
Affects: epel-all [bug 1581869]
Affects: fedora-all [bug 1581868]
The vulnerable code is reachable only through the Unix Domain Socket that handles `stroke` messages. Moreover, it seems the flaw cannot be used in any other way apart from generating a Denial of Service.
On Red Hat Enterprise Linux 7, only root has access to /var/run/charon.ctl, so you need to already be root to exploit the vulnerability.
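The class of bug described above (a length-prefixed message read from a Unix domain socket with no minimum-length check) can be illustrated with the following added example, which is not strongSwan's code. The framing (a 16-bit length field that counts itself) and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#define HDR_LEN sizeof(uint16_t) /* assumed framing: the length field counts itself */

/* Read exactly n bytes; 0 on success, -1 on EOF or error. */
static int read_all(int fd, void *buf, size_t n) {
    uint8_t *p = buf;
    while (n > 0) {
        ssize_t r = read(fd, p, n);
        if (r <= 0) return -1;
        p += r;
        n -= (size_t)r;
    }
    return 0;
}

/* What the subtraction yields with no check: it wraps for len < HDR_LEN. */
size_t unchecked_remaining(uint16_t len) { return len - HDR_LEN; }

/* Returns the payload length, or -1 if the frame is rejected. */
long read_message(int fd, uint8_t *out, size_t cap) {
    uint16_t len;
    if (read_all(fd, &len, sizeof len) != 0) return -1;
    if (len < HDR_LEN) return -1;      /* the packet length check */
    size_t remaining = len - HDR_LEN;  /* cannot wrap after the check */
    if (remaining > cap) return -1;    /* bound by the caller's buffer */
    if (read_all(fd, out, remaining) != 0) return -1;
    return (long)remaining;
}

/* Feed constructed bytes through a local socketpair and parse them. */
long parse_from_bytes(const void *bytes, size_t n) {
    int sv[2];
    uint8_t buf[4096];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -2;
    ssize_t w = write(sv[0], bytes, n);
    close(sv[0]);
    long r = (w == (ssize_t)n) ? read_message(sv[1], buf, sizeof buf) : -2;
    close(sv[1]);
    return r;
}

int main(void) {
    uint16_t bad = 1; /* constructed: length smaller than the length field itself */
    printf("unchecked: %zu, checked: %ld\n", unchecked_remaining(bad), parse_from_bytes(&bad, sizeof bad));
    return 0;
}
```

Without the minimum-length check, the computed read size wraps to a value near `SIZE_MAX`, which is how a short length field turns into resource exhaustion in the reader.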