The integrity of the mGuard firmware atomic update process cannot be guaranteed under all circumstances.
The mGuard atomic update mechanism relies on internal checksums for the integrity verification of some portions of the update packages. The verification of these internal checksums may not always be performed correctly.
Openswan 2.6.39 and earlier, which is used in the mGuard firmware version 8.0.0 to 8.5.1, allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.