From e3b2faf712e07d44e561a8ab72fef7eea5957f9b Mon Sep 17 00:00:00 2001
From: Rahul Jain <rahul.jain@suse.com>
Date: Mon, 6 Apr 2026 13:53:31 +0530
Subject: [PATCH] CVE-2026-25075:Integer Underflow When Handling EAP-TTLS AVP

---
 src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
index 5ceff40..b1aee6f 100644
--- a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
+++ b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
@@ -171,7 +171,7 @@ METHOD(authenticator_t, process, status_t,
 			scheme = SIGN_ECDSA_521;
 			break;
 		default:
-			return INVALID_ARG;
+			return FAILED;
 	}
 	auth_data = auth_payload->get_data(auth_payload);
 	id = this->ike_sa->get_other_id(this->ike_sa);
-- 
2.50.0