CVE-2014-9221
strongSwan 4.5.x-5.2.x - Denial of Service via Crafted IKEv2 KE Message with DH Group 1025
Title source: llmDescription
strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.
References (11)
Core 11
Core References
Permissions Required, Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62095
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2450-1
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2015/dsa-3118
Permissions Required, Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62071
Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153825.html
Permissions Required, Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62663
Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2015-01/msg00054.html
Vendor Advisory x_refsource_confirm
http://strongswan.org/blog/2015/01/05/strongswan-5.2.2-released.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62083
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/71894
Various Sources x_refsource_confirm
http://strongswan.org/blog/2015/01/05/strongswan-denial-of-service-vulnerability-%28cve-2014-9221%29.html
Scores
EPSS
0.0382
EPSS Percentile
88.9%
Details
CWE
CWE-19
Status
published
Products (25)
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
14.10
debian/debian_linux
7.0
fedoraproject/fedora
21
opensuse/opensuse
13.1
opensuse/opensuse
13.2
strongswan/strongswan
4.5.0
strongswan/strongswan
4.5.1
strongswan/strongswan
4.5.2
strongswan/strongswan
4.5.3
... and 15 more
Published
Jan 07, 2015
Tracked Since
Feb 18, 2026