Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From USN-5250-2:USN-5250-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.Original advisory details:Zhuowei Zhang discovered that stringSwan incorrectly handled EAP authentication. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly bypass client and server authentication.
Solution(s)
ubuntu-upgrade-5-1-2-0ubuntu2-11-esm2ubuntu-upgrade-5-3-5-1ubuntu3-8-esm2ubuntu-upgrade-availableubuntu-upgrade-desktopubuntu-upgrade-infraubuntu-upgrade-libstrongswanubuntu-upgrade-strongswanubuntu-upgrade-ua
ReferencesUSN-5250-1USN-5250-2CVE-2021-45079