diff -Nru strongswan-5.9.5/debian/changelog strongswan-5.9.5/debian/changelog
--- strongswan-5.9.5/debian/changelog	2022-09-20 18:07:10.000000000 +0000
+++ strongswan-5.9.5/debian/changelog	2023-11-07 09:46:10.000000000 +0000
@@ -1,3 +1,13 @@
+strongswan (5.9.5-2ubuntu2.2) jammy-security; urgency=medium
+
+  * SECURITY UPDATE: Buffer Overflow When Handling DH Public Values
+    - debian/patches/CVE-2023-41913.patch: Validate DH public key to fix
+      potential buffer overflow in
+      src/charon-tkm/src/tkm/tkm_diffie_hellman.c.
+    - CVE-2023-41913
+
+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 07 Nov 2023 11:46:10 +0200
+
 strongswan (5.9.5-2ubuntu2.1) jammy-security; urgency=medium
 
   * SECURITY UPDATE: Using Untrusted URIs for Revocation Checking
diff -Nru strongswan-5.9.5/debian/patches/CVE-2023-41913.patch strongswan-5.9.5/debian/patches/CVE-2023-41913.patch
--- strongswan-5.9.5/debian/patches/CVE-2023-41913.patch	1970-01-01 00:00:00.000000000 +0000
+++ strongswan-5.9.5/debian/patches/CVE-2023-41913.patch	2023-11-07 09:45:35.000000000 +0000
@@ -0,0 +1,37 @@
+From 027421cbd2e6e628f5f959c74d722afadc477485 Mon Sep 17 00:00:00 2001
+From: Tobias Brunner <tobias@strongswan.org>
+Date: Tue, 11 Jul 2023 12:12:25 +0200
+Subject: [PATCH] charon-tkm: Validate DH public key to fix potential buffer
+ overflow
+
+Seems this was forgotten in the referenced commit and actually could lead
+to a buffer overflow.  Since charon-tkm is untrusted this isn't that
+much of an issue but could at least be easily exploited for a DoS attack
+as DH public values are set when handling IKE_SA_INIT requests.
+
+Fixes: 0356089d0f94 ("diffie-hellman: Verify public DH values in backends")
+Fixes: CVE-2023-41913
+---
+ src/charon-tkm/src/tkm/tkm_diffie_hellman.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+--- a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
++++ b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
+@@ -69,11 +69,16 @@ METHOD(diffie_hellman_t, get_shared_secr
+ 	return TRUE;
+ }
+ 
+-
+ METHOD(diffie_hellman_t, set_other_public_value, bool,
+ 	private_tkm_diffie_hellman_t *this, chunk_t value)
+ {
+ 	dh_pubvalue_type othervalue;
++
++	if (!key_exchange_verify_pubkey(this->group, value) ||
++		value.len > sizeof(othervalue.data))
++	{
++		return FALSE;
++	}
+ 	othervalue.size = value.len;
+ 	memcpy(&othervalue.data, value.ptr, value.len);
+ 
diff -Nru strongswan-5.9.5/debian/patches/series strongswan-5.9.5/debian/patches/series
--- strongswan-5.9.5/debian/patches/series	2022-09-20 18:07:03.000000000 +0000
+++ strongswan-5.9.5/debian/patches/series	2023-11-07 09:45:31.000000000 +0000
@@ -5,3 +5,4 @@
 dont-load-kernel-libipsec-plugin-by-default.patch
 lp1964977-fix-ipsec-pki-segfault.patch
 CVE-2022-40617.patch
+CVE-2023-41913.patch