CVE-2023-38711

2023-08-2500:00:00

mitre

www.cve.org

cve-2023-38711

libreswan

quick mode

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.4%

JSON

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.