StackPatch is liveSee product

Back to CVE digest
CVE-2026-47895 · cross-distro fix matrix

CVE-2026-47895: Elliott Childre discovered that strongSwan incorrectly handled the cloning

Affects 4 Linux releases across 50 (distro × package) combinations. First disclosed: 2026-06-08.

Fix per ecosystem

Each block below is a distro release where CVE-2026-47895 has a known fix. Run the listed command on that distro to remediate.

Ubuntu jammy

Source: Ubuntu USN

  • strongswan→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan
  • charon-cmd→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y charon-cmd
  • charon-systemd→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y charon-systemd
  • libcharon-extauth-plugins→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y libcharon-extauth-plugins
  • libcharon-extra-plugins→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y libcharon-extra-plugins
  • libstrongswan→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y libstrongswan
  • libstrongswan-extra-plugins→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y libstrongswan-extra-plugins
  • libstrongswan-standard-plugins→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y libstrongswan-standard-plugins
  • strongswan-charon→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-charon
  • strongswan-libcharon→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-libcharon
  • strongswan-nm→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-nm
  • strongswan-pki→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-pki
  • strongswan-scepclient→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-scepclient
  • strongswan-starter→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-starter
  • strongswan-swanctl→ fixed in5.9.5-2ubuntu2.7USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-swanctl

Ubuntu noble

Source: Ubuntu USN

  • strongswan→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan
  • charon-cmd→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y charon-cmd
  • charon-systemd→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y charon-systemd
  • libcharon-extauth-plugins→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y libcharon-extauth-plugins
  • libcharon-extra-plugins→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y libcharon-extra-plugins
  • libstrongswan→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y libstrongswan
  • libstrongswan-extra-plugins→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y libstrongswan-extra-plugins
  • libstrongswan-standard-plugins→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y libstrongswan-standard-plugins
  • strongswan-charon→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-charon
  • strongswan-libcharon→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-libcharon
  • strongswan-nm→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-nm
  • strongswan-pki→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-pki
  • strongswan-starter→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-starter
  • strongswan-swanctl→ fixed in5.9.13-2ubuntu4.24.04.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-swanctl

Ubuntu questing

Source: Ubuntu USN

  • strongswan→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan
  • charon-cmd→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y charon-cmd
  • charon-systemd→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y charon-systemd
  • libcharon-extauth-plugins→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y libcharon-extauth-plugins
  • libcharon-extra-plugins→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y libcharon-extra-plugins
  • libstrongswan→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y libstrongswan
  • libstrongswan-extra-plugins→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y libstrongswan-extra-plugins
  • libstrongswan-standard-plugins→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y libstrongswan-standard-plugins
  • strongswan-charon→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-charon
  • strongswan-libcharon→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-libcharon
  • strongswan-nm→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-nm
  • strongswan-pki→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-pki
  • strongswan-starter→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-starter
  • strongswan-swanctl→ fixed in6.0.1-6ubuntu4.4USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan-swanctl

Ubuntu resolute

Source: Ubuntu USN

  • strongswan→ fixed in6.0.4-1ubuntu3.1USN-8407-1
    sudo apt-get install --only-upgrade -y strongswan
  • charon-cmd→ fixed in6.0.4-1ubuntu3.1USN-8407-1
    sudo apt-get install --only-upgrade -y charon-cmd
  • charon-systemd→ fixed in6.0.4-1ubuntu3.1USN-8407-1
    sudo apt-get install --only-upgrade -y charon-systemd
  • libcharon-extauth-plugins→ fixed in6.0.4-1ubuntu3.1USN-8407-1
    sudo apt-get install --only-upgrade -y libcharon-extauth-plugins
  • libcharon-extra-plugins→ fixed in6.0.4-1ubuntu3.1USN-8407-1
    sudo apt-get install --only-upgrade -y libcharon-extra-plugins
  • libstrongswan→ fixed in6.0.4-1ubuntu3.1USN-8407-1
    sudo apt-get install --only-upgrade -y libstrongswan
  • libstrongswan-extra-plugins→ fixed in6.0.4-1ubuntu3.1USN-8407-1
    sudo apt-get install --only-upgrade -y libstrongswan-extra-plugins
Are YOU affected by CVE-2026-47895?

5-second check on your actual server. Reads /etc/os-release, uname -r, and the distro's package manager; matches against this same cross-source index live.

curl https://mindsparkstack.com/scan.sh | bash
Form-based quickscan View on NVD
Continuous monitoring beats manual checking

CVE-2026-47895dropped silently in your distro's update channel. Every new CVE is the same story. StackPatch runs the matcher hourly against all 5 sources and emails the exact remediation when something new applies to one of your servers. $99 lifetime, 50 founder seats, 30-day refund.

See StackPatch ($99 lifetime)