strongSwan is an IPSec implementation for Linux.
Multiple vulnerabilities have been discovered in strongSwan. Please review the CVE identifiers referenced below for details.
A vulnerability in charon-tkm related to processing DH public values was discovered in strongSwan that can result in a buffer overflow and potentially remote code execution.
There is no known workaround at this time.
All strongSwan users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-vpn/strongswan-5.9.13"