What the vulnerability does

01Description

In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.

Key dates

02Disclosure timeline

May 31, 2018 CVE published
August 5, 2024 Record updated