Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2225747,
    "url": "http://patchwork.ozlabs.org/api/patches/2225747/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/buildroot/patch/20260421143310.2795827-1-titouan.christophe@mind.be/",
    "project": {
        "id": 27,
        "url": "http://patchwork.ozlabs.org/api/projects/27/?format=api",
        "name": "Buildroot development",
        "link_name": "buildroot",
        "list_id": "buildroot.buildroot.org",
        "list_email": "buildroot@buildroot.org",
        "web_url": "",
        "scm_url": "",
        "webscm_url": "",
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<20260421143310.2795827-1-titouan.christophe@mind.be>",
    "list_archive_url": null,
    "date": "2026-04-21T14:33:10",
    "name": "[for,2025.02.x] package/strongswan: add patch for CVE-2026-25075",
    "commit_ref": null,
    "pull_url": null,
    "state": "accepted",
    "archived": false,
    "hash": "d9ebc309b80a835ae96e56a564647da32c94cc5b",
    "submitter": {
        "id": 90763,
        "url": "http://patchwork.ozlabs.org/api/people/90763/?format=api",
        "name": "Titouan Christophe",
        "email": "titouan.christophe@mind.be"
    },
    "delegate": null,
    "mbox": "http://patchwork.ozlabs.org/project/buildroot/patch/20260421143310.2795827-1-titouan.christophe@mind.be/mbox/",
    "series": [
        {
            "id": 500821,
            "url": "http://patchwork.ozlabs.org/api/series/500821/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/buildroot/list/?series=500821",
            "date": "2026-04-21T14:33:10",
            "name": "[for,2025.02.x] package/strongswan: add patch for CVE-2026-25075",
            "version": 1,
            "mbox": "http://patchwork.ozlabs.org/series/500821/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/2225747/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/2225747/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<buildroot-bounces@buildroot.org>",
        "X-Original-To": [
            "incoming-buildroot@patchwork.ozlabs.org",
            "buildroot@buildroot.org"
        ],
        "Delivered-To": [
            "patchwork-incoming-buildroot@legolas.ozlabs.org",
            "buildroot@buildroot.org"
        ],
        "Authentication-Results": [
            "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=buildroot.org header.i=@buildroot.org\n header.a=rsa-sha256 header.s=default header.b=Ini8C37X;\n\tdkim-atps=neutral",
            "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org\n (client-ip=140.211.166.136; helo=smtp3.osuosl.org;\n envelope-from=buildroot-bounces@buildroot.org; receiver=patchwork.ozlabs.org)"
        ],
        "Received": [
            "from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g0Pwx0QzXz1yGt\n\tfor <incoming-buildroot@patchwork.ozlabs.org>;\n Wed, 22 Apr 2026 00:33:36 +1000 (AEST)",
            "from localhost (localhost [127.0.0.1])\n\tby smtp3.osuosl.org (Postfix) with ESMTP id 217BD606EE;\n\tTue, 21 Apr 2026 14:33:34 +0000 (UTC)",
            "from smtp3.osuosl.org ([127.0.0.1])\n by localhost (smtp3.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id jwbE0JrSTtms; Tue, 21 Apr 2026 14:33:33 +0000 (UTC)",
            "from lists1.osuosl.org (lists1.osuosl.org [140.211.166.142])\n\tby smtp3.osuosl.org (Postfix) with ESMTP id 3077260723;\n\tTue, 21 Apr 2026 14:33:33 +0000 (UTC)",
            "from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138])\n by lists1.osuosl.org (Postfix) with ESMTP id 6DB84259\n for <buildroot@buildroot.org>; Tue, 21 Apr 2026 14:33:31 +0000 (UTC)",
            "from localhost (localhost [127.0.0.1])\n by smtp1.osuosl.org (Postfix) with ESMTP id 5F14883BDD\n for <buildroot@buildroot.org>; Tue, 21 Apr 2026 14:33:31 +0000 (UTC)",
            "from smtp1.osuosl.org ([127.0.0.1])\n by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id OV-PqLi-Fja8 for <buildroot@buildroot.org>;\n Tue, 21 Apr 2026 14:33:30 +0000 (UTC)",
            "from mail-wm1-x32f.google.com (mail-wm1-x32f.google.com\n [IPv6:2a00:1450:4864:20::32f])\n by smtp1.osuosl.org (Postfix) with ESMTPS id 0D57A83B9D\n for <buildroot@buildroot.org>; Tue, 21 Apr 2026 14:33:29 +0000 (UTC)",
            "by mail-wm1-x32f.google.com with SMTP id\n 5b1f17b1804b1-4891b0786beso20769065e9.1\n for <buildroot@buildroot.org>; Tue, 21 Apr 2026 07:33:29 -0700 (PDT)",
            "from dragon.home ([109.136.97.112]) by smtp.gmail.com with ESMTPSA\n id\n 5b1f17b1804b1-488fc1393f5sm349704055e9.9.2026.04.21.07.33.26\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Tue, 21 Apr 2026 07:33:27 -0700 (PDT)"
        ],
        "X-Virus-Scanned": [
            "amavis at osuosl.org",
            "amavis at osuosl.org"
        ],
        "X-Comment": "SPF check N/A for local connections - client-ip=140.211.166.142;\n helo=lists1.osuosl.org; envelope-from=buildroot-bounces@buildroot.org;\n receiver=<UNKNOWN> ",
        "DKIM-Filter": [
            "OpenDKIM Filter v2.11.0 smtp3.osuosl.org 3077260723",
            "OpenDKIM Filter v2.11.0 smtp1.osuosl.org 0D57A83B9D"
        ],
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=buildroot.org;\n\ts=default; t=1776782013;\n\tbh=v4hqz4sWV23M8qKlvkcJHv4TMR9Q+f8GYWX+sGUnZGA=;\n\th=To:Cc:Date:Subject:List-Id:List-Unsubscribe:List-Archive:\n\t List-Post:List-Help:List-Subscribe:From:Reply-To:From;\n\tb=Ini8C37XbqdFgBwPDPuHa+3+/EKV2lt1y9ZlVYRBJl7b+KASSp0JY3huFEgkLdaa4\n\t AuENW6x8Kq/HNwPmeQwnxa7qJG6lr+35G1iwf58gYOok3Uu3P4WCxBs6vqhD5iLOdQ\n\t +aMAsoKjgX5czerIimY7y3iEBvOJH6w7E0Hi4UjnxiA5ZTSCRJCivah9Z/j8JEtAGG\n\t UZnmIIYTzNdWZyIYQJEO4cLDXIY8PsALrR0+BQ8eCVPH4FnFcSkTn1iFoB5Ft0L9oJ\n\t 5wV1mR2ZOsLCXvhOz48W0ttgNhO1PfDqxuvx0mTHhRtn2bJSuzapp/KqZhkO98PH0X\n\t gsAWuxKQkLm/Q==",
        "Received-SPF": "Pass (mailfrom) identity=mailfrom;\n client-ip=2a00:1450:4864:20::32f; helo=mail-wm1-x32f.google.com;\n envelope-from=titouan.christophe@essensium.com; receiver=<UNKNOWN>",
        "DMARC-Filter": "OpenDMARC Filter v1.4.2 smtp1.osuosl.org 0D57A83B9D",
        "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1776782008; x=1777386808;\n h=content-transfer-encoding:mime-version:message-id:date:subject:cc\n :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date\n :message-id:reply-to;\n bh=QZE9M6Dr53/L4kO0n9x0Z4cRJMl2V2a5pMVt5TclQDc=;\n b=NcxhggE3YhUxjiu9Kz389NEOnjBcI2pZ4Q7+S65NwTwB8u0MCMmKe5Tn/xbnbLn0HH\n ltCl4wx3Nlktz960UOtmr2n5pMosTrbpGB+V/TiZQ97fUJspV3EruTpJcKXzVsPKLJZj\n 96fsv0MWCf5/HK743rDqplDa16+R1dmkHHMmLUR48UOta7P3ZbfbqmF3xwRNJNRW0EjA\n GXvWTiy1n4IuIRcqiDLc5ul+1ZnWBNtMr1DP9s8/I+VzsiUOhYmoGSUzFgmwq1xQondZ\n qEf1D+cEOsHGdw5GbwkvhBuXyxh8Zw/eCyWXwGx135IZ+koKqeq7dAZq2vsdHg/JPyUS\n KVWg==",
        "X-Gm-Message-State": "AOJu0YyXblEP7luTanfEAc8Ak+TMonNebDxvDr0xPYoV4JtLwtI0TXsy\n h8pjPRxTjF2g0J/GZViEtV8NZyTMHVr9oAc5zpolcS22OwS9WTykjJ3CVPpkw97kxPZ76gLVH3Q\n 0C2fS/4o=",
        "X-Gm-Gg": "AeBDiesbABIW61qPPqZFhgaswZwCICf4qPO4AxsrpMgdsEasNB7HreXsVz/Qh1m/rUI\n pkc71v6UY9GplRvnvJqlmulwTxORyv0IySVSFqYuIwMZN4d9zPTS0sqHjNhdubhhz4aqs3m6hNy\n FhlOzhgtYdGJGvfYQIg0oQ1V9YVwvGrbHMEriYkjPIFhK9w8YhGCWIUXoENQAHbeEFv41Slb3Ed\n GiJLc612MQ3eK55iPEVP/iLsHjVgQkdVEmxZgeDjrzeaAAtKPp0MyIlCRTLFjvH1wGOzuv9eUKG\n xeQlu4Sjj9eJjdX42CZMgdRhu8mHUbjnIZVq6vDVtppZ+jOo4hGD1yZzsOa7V38VcIzBkJI8Szk\n R7U8hmaDilFXOr9qVG4GszwxQK1/FabTRdgHsBdIc+/FM8+Ky4cXqwBpfOSx3yQZUqD+pcgWbsk\n qccVDFllUXPvGPCZ/Q7b1IuOZbUNSWvmc+yokacQBQ1INSAr01dJdFSA==",
        "X-Received": "by 2002:a05:600c:4fc7:b0:488:dbcb:ca08 with SMTP id\n 5b1f17b1804b1-488fb787a62mr260164695e9.30.1776782007553;\n Tue, 21 Apr 2026 07:33:27 -0700 (PDT)",
        "To": "buildroot@buildroot.org",
        "Cc": "=?utf-8?b?SsOpcsO0bWUgUG91aWxsZXI=?= <jezz@sysmic.org>,\n thomas.perale@mind.be",
        "Date": "Tue, 21 Apr 2026 16:33:10 +0200",
        "Message-ID": "<20260421143310.2795827-1-titouan.christophe@mind.be>",
        "X-Mailer": "git-send-email 2.53.0",
        "MIME-Version": "1.0",
        "X-Mailman-Original-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=mind.be; s=google; t=1776782008; x=1777386808; darn=buildroot.org;\n h=content-transfer-encoding:mime-version:message-id:date:subject:cc\n :to:from:from:to:cc:subject:date:message-id:reply-to;\n bh=QZE9M6Dr53/L4kO0n9x0Z4cRJMl2V2a5pMVt5TclQDc=;\n b=PQBspwSHxsWy+AlBsdGk0HvTJDHWYxd/yeRzpeakzuhQI6sp0Nd5l1V+4PnuwjLG1J\n t/JHAUvIppZUZ+81LxsAxcKB59DBAov8He5/ibnB2phNz6JMlX5AmC1IIX6XL43CCWdq\n w7OSRboqiDFh63tg4TIKu1lUeh2H4VNXdI1aXZ4x6QOUkHF/Z3ABi6p4yqNoA0qEoUTj\n Wa6bPMvg3I+Cx2cHnu4erWv8QZttZ1mB8wue3jX7TkIujcuctDcw3c4Vu3/2m5VTcMcK\n iWjNc08kx4psGwMNk49Q6IKfoaX3ieMhFSe3I4874CpZmNu4hsCNqwAy18RoMwTtEmnq\n mlwg==",
        "X-Mailman-Original-Authentication-Results": [
            "smtp1.osuosl.org;\n dmarc=pass (p=quarantine dis=none)\n header.from=mind.be",
            "smtp1.osuosl.org;\n dkim=pass (2048-bit key,\n unprotected) header.d=mind.be header.i=@mind.be header.a=rsa-sha256\n header.s=google header.b=PQBspwSH"
        ],
        "Subject": "[Buildroot] [PATCH for 2025.02.x] package/strongswan: add patch for\n CVE-2026-25075",
        "X-BeenThere": "buildroot@buildroot.org",
        "X-Mailman-Version": "2.1.30",
        "Precedence": "list",
        "List-Id": "Discussion and development of buildroot <buildroot.buildroot.org>",
        "List-Unsubscribe": "<https://lists.buildroot.org/mailman/options/buildroot>,\n <mailto:buildroot-request@buildroot.org?subject=unsubscribe>",
        "List-Archive": "<http://lists.buildroot.org/pipermail/buildroot/>",
        "List-Post": "<mailto:buildroot@buildroot.org>",
        "List-Help": "<mailto:buildroot-request@buildroot.org?subject=help>",
        "List-Subscribe": "<https://lists.buildroot.org/mailman/listinfo/buildroot>,\n <mailto:buildroot-request@buildroot.org?subject=subscribe>",
        "From": "Titouan Christophe via buildroot <buildroot@buildroot.org>",
        "Reply-To": "Titouan Christophe <titouan.christophe@mind.be>",
        "Content-Type": "text/plain; charset=\"us-ascii\"",
        "Content-Transfer-Encoding": "7bit",
        "Errors-To": "buildroot-bounces@buildroot.org",
        "Sender": "\"buildroot\" <buildroot-bounces@buildroot.org>"
    },
    "content": "This fixes the following vulnerability:\n- CVE-2026-25075:\n    strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow\n    vulnerability in the EAP-TTLS AVP parser that allows unauthenticated\n    remote attackers to cause a denial of service by sending crafted AVP\n    data with invalid length fields during IKEv2 authentication. Attackers\n    can exploit the failure to validate AVP length fields before\n    subtraction to trigger excessive memory allocation or NULL pointer\n    dereference, crashing the charon IKE daemon.\n    https://www.cve.org/CVERecord?id=CVE-2026-25075\n\nSigned-off-by: Titouan Christophe <titouan.christophe@mind.be>\n---\n .../strongswan/0002-fix-cve-2026-25075.patch  | 48 +++++++++++++++++++\n 1 file changed, 48 insertions(+)\n create mode 100644 package/strongswan/0002-fix-cve-2026-25075.patch",
    "diff": "diff --git a/package/strongswan/0002-fix-cve-2026-25075.patch b/package/strongswan/0002-fix-cve-2026-25075.patch\nnew file mode 100644\nindex 0000000000..82e07fba3f\n--- /dev/null\n+++ b/package/strongswan/0002-fix-cve-2026-25075.patch\n@@ -0,0 +1,48 @@\n+From d4b3c39776f06948d875614a0eddea9561159f2a Mon Sep 17 00:00:00 2001\n+From: Tobias Brunner <tobias@strongswan.org>\n+Date: Thu, 5 Mar 2026 12:43:12 +0100\n+Subject: [PATCH] eap-ttls: Prevent crash if AVP length header field is invalid\n+\n+The length field in the AVP header includes the 8 bytes of the header\n+itself.  Not checking for that and later subtracting it causes an\n+integer underflow that usually triggers a crash when accessing a\n+NULL pointer that resulted from the failing chunk_alloc() call because\n+of the high value.\n+\n+The attempted allocations for invalid lengths (0-7) are 0xfffffff8,\n+0xfffffffc, or 0x100000000 (0 on 32-bit hosts), so this doesn't result\n+in a buffer overflow even if the allocation succeeds.\n+\n+Fixes: 79f2102cb442 (\"implemented server side support for EAP-TTLS\")\n+CVE: CVE-2026-25075\n+Upstream: https://download.strongswan.org/security/CVE-2026-25075/\n+Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>\n+---\n+ src/libcharon/plugins/eap_ttls/eap_ttls_avp.c | 4 ++--\n+ 1 file changed, 2 insertions(+), 2 deletions(-)\n+\n+diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls_avp.c b/src/libcharon/plugins/eap_ttls/eap_ttls_avp.c\n+index 06389f7ca73e..2983bd021ded 100644\n+--- a/src/libcharon/plugins/eap_ttls/eap_ttls_avp.c\n++++ b/src/libcharon/plugins/eap_ttls/eap_ttls_avp.c\n+@@ -119,7 +119,7 @@ METHOD(eap_ttls_avp_t, process, status_t,\n+ \t\tchunk_free(&this->input);\n+ \t\tthis->inpos = 0;\n+ \n+-\t\tif (!success)\n++\t\tif (!success || avp_len < AVP_HEADER_LEN)\n+ \t\t{\n+ \t\t\tDBG1(DBG_IKE, \"received invalid AVP header\");\n+ \t\t\treturn FAILED;\n+@@ -130,7 +130,7 @@ METHOD(eap_ttls_avp_t, process, status_t,\n+ \t\t\treturn FAILED;\n+ \t\t}\n+ \t\tthis->process_header = FALSE;\n+-\t\tthis->data_len = avp_len - 8;\n++\t\tthis->data_len = avp_len - AVP_HEADER_LEN;\n+ \t\tthis->input = chunk_alloc(this->data_len + (4 - avp_len) % 4);\n+ \t}\n+ \n+-- \n+2.43.0\n+\n",
    "prefixes": [
        "for",
        "2025.02.x"
    ]
}