rpm package
almalinux/libreswan
pkg:rpm/almalinux/libreswan
Vulnerabilities (9)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-3652 | — | < 4.12-2.el9_4.1 | 4.12-2.el9_4.1 | Apr 11, 2024 | The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affe | ||
| CVE-2024-2357 | Med | 6.5 | < 4.12-2.el8_9.2.alma.1 | 4.12-2.el8_9.2.alma.1 | Mar 11, 2024 | The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatica | |
| CVE-2023-38712 | — | < 4.12-1.el9 | 4.12-1.el9 | Aug 25, 2023 | An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on t | ||
| CVE-2023-38711 | — | < 4.12-1.el9 | 4.12-1.el9 | Aug 25, 2023 | An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version | ||
| CVE-2023-38710 | — | < 4.12-1.el9 | 4.12-1.el9 | Aug 25, 2023 | An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies | ||
| CVE-2023-30570 | — | < 4.5-1.el8_7.1 | 4.5-1.el8_7.1 | May 28, 2023 | pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28. | ||
| CVE-2023-2295 | — | < 4.9-3.el8_8 | 4.9-3.el8_8 | May 17, 2023 | A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the | ||
| CVE-2023-23009 | — | < 4.9-2.el9_2 | 4.9-2.el9_2 | Feb 21, 2023 | Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length. | ||
| CVE-2022-23094 | — | < 4.4-4.el8_5 | 4.4-4.el8_5 | Jan 15, 2022 | Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6. |
- CVE-2024-3652Apr 11, 2024affected < 4.12-2.el9_4.1fixed 4.12-2.el9_4.1
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affe
- affected < 4.12-2.el8_9.2.alma.1fixed 4.12-2.el8_9.2.alma.1
The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatica
- CVE-2023-38712Aug 25, 2023affected < 4.12-1.el9fixed 4.12-1.el9
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on t
- CVE-2023-38711Aug 25, 2023affected < 4.12-1.el9fixed 4.12-1.el9
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version
- CVE-2023-38710Aug 25, 2023affected < 4.12-1.el9fixed 4.12-1.el9
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies
- CVE-2023-30570May 28, 2023affected < 4.5-1.el8_7.1fixed 4.5-1.el8_7.1
pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28.
- CVE-2023-2295May 17, 2023affected < 4.9-3.el8_8fixed 4.9-3.el8_8
A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the
- CVE-2023-23009Feb 21, 2023affected < 4.9-2.el9_2fixed 4.9-2.el9_2
Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.
- CVE-2022-23094Jan 15, 2022affected < 4.4-4.el8_5fixed 4.4-4.el8_5
Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6.