4 matches found
Medium: libreswan
Issue Overview: The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not...
CVE-2024-3652
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected...
AZL-39919 CVE-2024-3652 affecting package libreswan for versions less than 4.15-1
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected...
PT-2024-4388 · Libreswan +6 · Libreswan +6
Name of the Vulnerable Software and Affected Versions: Libreswan versions prior to 4.15 Description: The issue is related to the Libreswan library, which is used for VPN protocols with "IPsec". It is caused by an assertion failure when handling IKEv1 packets without specifying an esp= line. When ...