CVE-2025-62291

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-62291
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-62291.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-62291
Downstream
Related
Published
2026-01-16T19:16:18.163Z
Modified
2026-04-16T04:30:18.897100531Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow.

References

Affected packages

Git / github.com/strongswan/strongswan

Affected ranges

Type
GIT
Repo
https://github.com/strongswan/strongswan
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
c1605845b4fbc5e2b53aeb0a956578fa10ee5fba
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "6.0.3"
        }
    ]
}

Affected versions

4.*
4.0.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.1.0
4.1.1
4.1.10
4.1.11
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.1.7
4.1.8
4.1.9
4.2.0
4.2.1
4.2.10
4.2.11
4.2.12
4.2.13
4.2.14
4.2.2
4.2.3
4.2.4
4.2.5
4.2.6
4.2.7
4.2.8
4.2.9
4.3.0
4.3.1
4.3.2
4.3.3
4.3.4
4.3.5
4.3.5rc1
4.3.6
4.4.0
4.4.1
4.5.0
4.5.1
4.5.2
4.5.3
4.6.0
4.6.1
4.6.2
4.6.3
5.*
5.0.0
5.0.1
5.0.2
5.0.2dr4
5.0.2rc1
5.0.3
5.0.3dr1
5.0.3dr2
5.0.3dr3
5.0.3rc1
5.0.4
5.1.0
5.1.0dr1
5.1.0dr2
5.1.0rc1
5.1.1
5.1.1dr1
5.1.1dr2
5.1.1dr3
5.1.1dr4
5.1.1rc1
5.1.2
5.1.2.dr2
5.1.2dr1
5.1.2dr3
5.1.2rc1
5.1.2rc2
5.1.3
5.1.3dr1
5.1.3rc1
5.2.0
5.2.0dr1
5.2.0dr2
5.2.0dr3
5.2.0dr4
5.2.0dr5
5.2.0dr6
5.2.0rc1
5.2.1
5.2.1dr1
5.2.1rc1
5.2.2
5.2.2dr1
5.2.2rc1
5.3.0
5.3.0dr1
5.3.0rc1
5.3.1
5.3.1dr1
5.3.1rc1
5.3.2
5.3.3
5.3.3dr1
5.3.3dr3
5.3.3dr4
5.3.3dr5
5.3.3dr6
5.3.3rc2
5.3.4
5.3.4dr1
5.3.4dr2
5.3.4dr3
5.3.4rc1
5.3.5
5.4.0
5.4.0dr1
5.4.0dr2
5.4.0dr3
5.4.0dr4
5.4.0dr5
5.4.0dr6
5.4.0dr7
5.4.0dr8
5.4.0rc1
5.4.1dr1
5.4.1dr2
5.4.1dr3
5.4.1dr4
5.5.0
5.5.0dr1
5.5.0rc1
5.5.1
5.5.1dr1
5.5.1dr2
5.5.1dr3
5.5.1dr4
5.5.1dr5
5.5.1rc1
5.5.1rc2
5.5.2
5.5.2dr1
5.5.2dr2
5.5.2dr3
5.5.2dr4
5.5.2dr5
5.5.2dr6
5.5.2dr7
5.5.2rc1
5.5.3
5.5.3dr1
5.5.3dr2
5.6.0
5.6.0dr1
5.6.0dr2
5.6.0dr3
5.6.0dr4
5.6.0rc1
5.6.0rc2
5.6.1
5.6.1dr1
5.6.1dr2
5.6.1dr3
5.6.1rc1
5.6.2
5.6.2dr1
5.6.2dr2
5.6.2dr3
5.6.2dr4
5.6.2rc1
5.6.3
5.6.3dr1
5.6.3dr2
5.6.3rc1
5.7.0
5.7.0dr1
5.7.0dr2
5.7.0dr3
5.7.0dr4
5.7.0dr5
5.7.0dr6
5.7.0dr8
5.7.0rc1
5.7.0rc2
5.7.1
5.7.2
5.7.2dr1
5.7.2dr2
5.7.2dr3
5.7.2dr4
5.7.2rc1
5.8.0
5.8.0dr2
5.8.0rc1
5.8.1
5.8.1dr1
5.8.1rc2
5.8.2
5.8.2dr1
5.8.2dr2
5.8.2rc1
5.8.2rc2
5.8.3
5.8.3rc1
5.8.4
5.9.0
5.9.0dr1
5.9.0dr2
5.9.0rc1
5.9.1
5.9.1dr1
5.9.1rc1

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "6"
            },
            {
                "last_affected": "8"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-62291.json"