Nixpkgs Security Tracker

Permalink CVE-2025-62291

updated 3 weeks, 4 days ago by @LeSuisse Activity log

Created automatic suggestion 3 weeks, 5 days ago
@LeSuisse removed
4 packages
- strongswanNM
- strongswanTNC
- strongswanTPM
- networkmanager_strongswan
3 weeks, 4 days ago
@LeSuisse dismissed 3 weeks, 4 days ago

In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a …

In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow.

Affected products

strongSwan

<6.0.3

Matching in nixpkgs

pkgs.strongswan

OpenSource IPsec-based VPN Solution

nixos-unstable 6.0.3
- nixpkgs-unstable 6.0.3
- nixos-unstable-small 6.0.3
nixos-25.05 5.9.14
- nixos-25.05-small 5.9.14
- nixpkgs-25.05-darwin 5.9.14

Current stable branch has never been impacted.

https://github.com/NixOS/nixpkgs/commit/d8a0ae9d79b2914faf8864c94e552211284094c5

Suggestions search

Affected products

Matching in nixpkgs

pkgs.strongswan