13 matches found

OSV
added 2026/04/14 8:35 a.m. | 4 views

CLSA-2025-1757947429 libreswan: Fix of CVE-2023-38711

CVE-2023-38711: fix a NULL pointer dereference in IKEv1 Quick Mode with ID_IPV4_ADDR/ID_IPV6_ADDR that causes a crash and restart of the pluto daemon when it receives an IDcr payload with ID_FQDN...

CVSS 6.5 | AI score 6.6 | EPSS 0.00691
Exploits: 0 | References: 1

OSV
added 2025/09/15 6:49 p.m. | 4 views

CLSA-2025-1757962152 libreswan: Fix of CVE-2023-38712

CVE-2023-38712: fix a NULL pointer dereference caused by a duplicated Delete/Notify message which causes the pluto daemon to crash and restart...

CVSS 6.5 | AI score 6.6 | EPSS 0.00691
Exploits: 0 | References: 1

RedHat Linux
added 2025/01/02 9:44 p.m. | 4 views

libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 7.5 | AI score 6.4 | EPSS 0.01581
Exploits: 0 | References: 4

RedHat Linux
added 2025/01/02 8:2 p.m. | 5 views

libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 7.5 | AI score 6.4 | EPSS 0.01581
Exploits: 0 | References: 4

RedHat Linux
added 2025/01/02 6:44 p.m. | 4 views

libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 7.5 | AI score 6.4 | EPSS 0.01581
Exploits: 0 | References: 4

SUSE CVE
added 2023/11/19 2:2 a.m. | 2 views

SUSE CVE-2023-38712

An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...

CVSS 7.5 | AI score 6.9 | EPSS 0.00691
Exploits: 0 | References: 2

SUSE CVE
added 2023/10/31 2:20 a.m. | 3 views

SUSE CVE-2023-2295

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 7.5 | AI score 7.7 | EPSS 0.01581
Exploits: 0 | References: 2

OSV
added 2023/08/25 9:15 p.m. | 2 views

DEBIAN-CVE-2023-38711

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6...

CVSS 6.5 | AI score 6.3 | EPSS 0.00691
Exploits: 0 | References: 1

RedHat Linux
added 2023/05/16 7:43 p.m. | 4 views

libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 7.5 | AI score 6.4 | EPSS 0.01581
Exploits: 0 | References: 4

RedHat Linux
added 2023/05/16 10:52 a.m. | 8 views

libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 7.5 | AI score 6.4 | EPSS 0.01581
Exploits: 0 | References: 4

RedHat Linux
added 2023/05/04 1:19 p.m. | 5 views

libreswan: Malicious IKEv1 Aggressive Mode packets can crash libreswan

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 7.5 | AI score 6.4 | EPSS 0.01175
Exploits: 0 | References: 6

RedHat Linux
added 2023/05/04 1:8 p.m. | 4 views

libreswan: Malicious IKEv1 Aggressive Mode packets can crash libreswan

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 7.5 | AI score 6.4 | EPSS 0.01175
Exploits: 0 | References: 6

OSV
added 2009/06/25 2:0 a.m. | 1 view

DEBIAN-CVE-2009-2185

The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash)...

CVSS 5 | AI score 6.8 | EPSS 0.02707
Exploits: 0 | References: 1