Lucene search
GoogleOSV:CVE-2024-3652HistoryApr 11, 2024 - 2:15 a.m.
CVE-2024-3652
2024-04-1102:15:47
Google
osv.dev
1
libreswan
ikev1
esp=
assertion failure
aes-gmac
software
vulnerability
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan’s default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0138)
2024-04-19 00:00:00
nessus
nessus
Libreswan 3.22 < 4.15 / 5.0rc1 < 5.0 DoS
2024-04-25 00:00:00
Amazon Linux 2023 : libreswan (ALAS2023-2024-621)
2024-05-28 00:00:00
RHEL 7 : libreswan (Unpatched Vulnerability)
2024-05-11 00:00:00
cvelist
cvelist
redhatcve
redhatcve
CVE-2024-3652
2024-04-17 13:03:32
cve
cve
CVE-2024-3652
2024-04-11 02:15:47
ubuntucve
ubuntucve
CVE-2024-3652
2024-04-11 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-3652 affecting package libreswan for versions less than 4.14-2
2024-04-30 01:31:53
nvd
nvd
CVE-2024-3652
2024-04-11 02:15:47
debiancve
debiancve
CVE-2024-3652
2024-04-11 02:15:47
alpinelinux
alpinelinux
CVE-2024-3652
2024-04-11 02:15:47
mageia
mageia
Updated libreswan packages fix security vulnerability
2024-04-19 04:16:42