Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-3652HistoryApr 11, 2024 - 2:15 a.m.
CVE-2024-3652
2024-04-1102:15:47
Debian Security Bug Tracker
security-tracker.debian.org
6
libreswan
ikev1
aes-gmac
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan’s default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libreswan | <= 4.10-2+deb12u1 | libreswan_4.10-2+deb12u1_all.deb |
| Debian | 11 | all | libreswan | <= 4.3-1+deb11u4 | libreswan_4.3-1+deb11u4_all.deb |
| Debian | 10 | all | libreswan | <= 3.27-6+deb10u1 | libreswan_3.27-6+deb10u1_all.deb |
| Debian | 999 | all | libreswan | <= 4.14-1 | libreswan_4.14-1_all.deb |
| Debian | 13 | all | libreswan | <= 4.14-1 | libreswan_4.14-1_all.deb |
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0138)
2024-04-19 00:00:00
nessus
nessus
Libreswan 3.22 < 4.15 / 5.0rc1 < 5.0 DoS
2024-04-25 00:00:00
Amazon Linux 2023 : libreswan (ALAS2023-2024-621)
2024-05-28 00:00:00
RHEL 7 : libreswan (Unpatched Vulnerability)
2024-05-11 00:00:00
osv
osv
CVE-2024-3652
2024-04-11 02:15:47
redhatcve
redhatcve
CVE-2024-3652
2024-04-17 13:03:32
cve
cve
CVE-2024-3652
2024-04-11 02:15:47
ubuntucve
ubuntucve
CVE-2024-3652
2024-04-11 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-3652 affecting package libreswan for versions less than 4.14-2
2024-04-30 01:31:53
nvd
nvd
CVE-2024-3652
2024-04-11 02:15:47
cvelist
cvelist
alpinelinux
alpinelinux
CVE-2024-3652
2024-04-11 02:15:47
mageia
mageia
Updated libreswan packages fix security vulnerability
2024-04-19 04:16:42