View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-5388 severity moderate: SUSE including 77 source package names (strongswan-4.4.0-6.36.6.1, strongswan-5.1.3-26.13.1, …), 173 product×package rows across 37 product lines (SUSE Enterprise Storage 4, SUSE Enterprise Storage 5, … (37 product lines)): Fixed 173.
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.