The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.
CPE | Name | Operator | Version |
---|---|---|---|
strongswan | eq | 4.1.11 | |
strongswan | eq | 4.2.14 | |
strongswan | eq | 4.5.0 | |
strongswan | eq | 4.3.5 | |
strongswan | eq | 4.6.3 | |
strongswan | eq | 4.6.1 | |
strongswan | eq | 4.3.5rc1 | |
strongswan | eq | 4.1.9 | |
strongswan | eq | 4.2.4 | |
strongswan | eq | 4.2.8 |
access.redhat.com/errata/RHSA-2019:3391
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10155
libreswan.org/security/CVE-2019-10155/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUEXFCN7FAYBKJBQJLYCEUQUCHDEJRZW/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFGPGLLKAXSLWFI62A6BZHTZSCHRCBXS/