Lucene search
K

972 matches found

RedhatCVE
RedhatCVE
added yesterday6 views

CVE-2026-12413

A flaw was found in Libreswan's IKEv2 fragment reassembly mechanism. When a VPN gateway processes incoming split network packets fragments containing unexpected data, an off-by-one boundary validation error triggers an internal program safety check assertion failure. A remote, unauthenticated...

7.5CVSS6AI score0.00597EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added yesterday7 views

CVE-2026-50722

A flaw was found in Libreswan's implementation of IKEv2 authentication when processing signatures utilizing the RSASSA-PKCS1-v15 scheme. The RSAauthenticatehashsignaturepkcs115rsa function does not correctly validate the DER encoding of the ASN.1 digest. A remote, unauthenticated attacker could...

8.1CVSS6.1AI score0.00352EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-50721

A flaw was found in Libreswan's implementation of IKEv1 authentication via raw RSA signatures. When processing an IKEv1 packet using PKCS 1 v1.5 RSA encryption, the RSAauthenticatehashsignaturerawrsa function fails to properly validate the length of the authentication hash. A remote,...

8.1CVSS6AI score0.00392EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/03 12:31 a.m.9 views

EUVD-2026-41440

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.3AI score0.00392EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/03 12:31 a.m.8 views

EUVD-2026-41441

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

8.1CVSS6.3AI score0.00392EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/03 12:31 a.m.7 views

EUVD-2026-41439

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS6.4AI score0.00597EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-12413

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The functi...

7.5CVSS6.5AI score0.00597EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-50722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload wa...

8.1CVSS6.5AI score0.00352EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-50721

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1...

8.1CVSS6.5AI score0.00392EPSS
Exploits0References4
OSV
OSV
added 2026/07/02 10:16 p.m.6 views

DEBIAN-CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

5.9CVSS6.5AI score0.00352EPSS
Exploits0References1
OSV
OSV
added 2026/07/02 10:16 p.m.4 views

DEBIAN-CVE-2026-50721

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

5.9CVSS6.5AI score0.00392EPSS
Exploits0References1
OSV
OSV
added 2026/07/02 10:16 p.m.2 views

CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

5.9CVSS6.4AI score0.00392EPSS
Exploits0References4
OSV
OSV
added 2026/07/02 10:16 p.m.7 views

CVE-2026-50721

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

5.9CVSS6.4AI score0.00392EPSS
Exploits0References4
NVD
NVD
added 2026/07/02 10:16 p.m.9 views

CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS0.00352EPSS
Exploits0References4
NVD
NVD
added 2026/07/02 10:16 p.m.6 views

CVE-2026-50721

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

8.1CVSS0.00392EPSS
Exploits0References4
OSV
OSV
added 2026/07/02 10:16 p.m.4 views

DEBIAN-CVE-2026-12413

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS6.6AI score0.00597EPSS
Exploits0References1
OSV
OSV
added 2026/07/02 10:16 p.m.3 views

CVE-2026-12413

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS6.5AI score0.00597EPSS
Exploits0References2
NVD
NVD
added 2026/07/02 10:16 p.m.5 views

CVE-2026-12413

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS0.00597EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 10:16 p.m.4 views

UBUNTU-CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.5AI score0.00392EPSS
Exploits0References6
OSV
OSV
added 2026/07/02 10:16 p.m.3 views

UBUNTU-CVE-2026-50721

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

8.1CVSS6.5AI score0.00392EPSS
Exploits0References6
Rows per page
Query Builder