Lucene search
K

126 matches found

OSV
OSV
added 2026/07/03 12:0 a.m.3 views

UBUNTU-CVE-2026-12413

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS6.6AI score0.00597EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-12413

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The functi...

7.5CVSS6.7AI score0.00597EPSS
Exploits0References3
OSV
OSV
added 2026/07/02 10:16 p.m.2 views

DEBIAN-CVE-2026-12413

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS6.6AI score0.00597EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 10:16 p.m.5 views

CVE-2026-12413

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS0.00597EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 9:19 p.m.18 views

CVE-2026-12413

The CVE-2026-12413 issue affects Libreswan’s pluto daemon and is triggered by an invalidly formatted IKEv2 fragment. The root cause is an off-by-one error in the assertion within reassemble_v2_incoming_fragments(), which can cause the daemon to abort when handling certain outer payloads that are ...

7.5CVSS6.4AI score0.00597EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/02 9:19 p.m.5 views

CVE-2026-12413

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS6.4AI score0.00597EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/07/02 9:19 p.m.5 views

CVE-2026-12413

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS6.6AI score0.00597EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.10 views

PT-2026-55314

Name of the Vulnerable Software and Affected Versions Libreswan affected versions not specified Description An invalidly formatted IKEv2 fragment can cause the pluto daemon to crash and restart, leading to a denial of service. The issue occurs within the reassemble v2 incoming fragments function,...

7.5CVSS6.4AI score0.00597EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-12590

Malware in sbrugna...

7.5CVSS6.5AI score0.03288EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-42486

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00691EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-1763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw...

7.5CVSS6.7AI score0.03288EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/01/14 10:48 a.m.4 views

libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart

A NULL pointer dereference vulnerability was found in the Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the...

6.5CVSS5.8AI score0.00691EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/01/14 10:48 a.m.4 views

libreswan: Invalid IKEv1 Quick Mode ID causes restart

A NULL pointer dereference flaw was found in Libreswan when processing IKEv1 Quick Mode requests. When an IKEv1 Quick Mode connection configured with IDIPV4ADDR or IDIPV6ADDR receives an IDcr payload with IDFQDN, it triggers a NULL pointer dereference error. This flaw allows a malicious client or...

6.5CVSS5.7AI score0.00691EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/01/14 10:48 a.m.4 views

libreswan: Invalid IKEv2 REKEY proposal causes restart

An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALIDSPI is sent back. The notify payload's protocol ID is copied from...

6.5CVSS5.8AI score0.00691EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/01/02 9:44 p.m.3 views

libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart

A NULL pointer dereference vulnerability was found in the Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the...

6.5CVSS5.8AI score0.00691EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/01/02 9:44 p.m.3 views

libreswan: Invalid IKEv2 REKEY proposal causes restart

An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALIDSPI is sent back. The notify payload's protocol ID is copied from...

6.5CVSS5.8AI score0.00691EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/01/02 9:44 p.m.4 views

libreswan: Invalid IKEv1 Quick Mode ID causes restart

A NULL pointer dereference flaw was found in Libreswan when processing IKEv1 Quick Mode requests. When an IKEv1 Quick Mode connection configured with IDIPV4ADDR or IDIPV6ADDR receives an IDcr payload with IDFQDN, it triggers a NULL pointer dereference error. This flaw allows a malicious client or...

6.5CVSS5.7AI score0.00691EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/01/02 8:2 p.m.4 views

libreswan: Invalid IKEv1 Quick Mode ID causes restart

A NULL pointer dereference flaw was found in Libreswan when processing IKEv1 Quick Mode requests. When an IKEv1 Quick Mode connection configured with IDIPV4ADDR or IDIPV6ADDR receives an IDcr payload with IDFQDN, it triggers a NULL pointer dereference error. This flaw allows a malicious client or...

6.5CVSS5.7AI score0.00691EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/01/02 8:2 p.m.4 views

libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart

A NULL pointer dereference vulnerability was found in the Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the...

6.5CVSS5.8AI score0.00691EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/01/02 6:44 p.m.5 views

libreswan: Invalid IKEv1 Quick Mode ID causes restart

A NULL pointer dereference flaw was found in Libreswan when processing IKEv1 Quick Mode requests. When an IKEv1 Quick Mode connection configured with IDIPV4ADDR or IDIPV6ADDR receives an IDcr payload with IDFQDN, it triggers a NULL pointer dereference error. This flaw allows a malicious client or...

6.5CVSS5.7AI score0.00691EPSS
Exploits0References6
Rows per page
Query Builder