CVE-2014-9221
strongswan - security update
EPSS 6.9%
Description
strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.
How to fix CVE-2014-9221
To remediate CVE-2014-9221, upgrade the affected package to a fixed version below.
- Debian/strongswan: upgrade to 5.2.1-5 or later
- Debian/strongswan: upgrade to 4.5.2-1.5+deb7u6 or later
Is CVE-2014-9221 being exploited?
Moderate — EPSS is 6.9%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- Debian/strongswan: from 0, < 5.2.1-5
- Debian/strongswan: from 0, < 4.5.2-1.5+deb7u6