5 matches found
MiracleLinux 9 : libreswan-4.12-1.el9 (AXSA:2023-6824:09)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6824:09 advisory. libreswan: Invalid IKEv2 REKEY proposal causes restart CVE-2023-38710 libreswan: Invalid IKEv1 Quick Mode ID causes restart CVE-2023-38711 libreswan...
NewStart CGSL MAIN 7.02 : libreswan Multiple Vulnerabilities (NS-SA-2025-0120)
The remote NewStart CGSL host, running version MAIN 7.02, has libreswan packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed...
libreswan: Invalid IKEv2 REKEY proposal causes restart
An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALIDSPI is sent back. The notify payload's protocol ID is copied from...
Moderate: Red Hat Security Advisory: libreswan security update
An update for libreswan is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2023-38710
An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALIDSPI is sent back. The notify payload's protocol ID is copied from...