View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-9023 severity moderate: SUSE including 70 source package names (strongswan, strongswan-4.4.0-6.35.1, …), 159 product×package rows across 41 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (41 product lines)): Fixed 118, Known Not Affected 41.
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.