Moderate: Red Hat Security Advisory: libreswan security and bug fix update

An update for libreswan is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Moderate: Red Hat Security Advisory: libreswan security update

An update for libreswan is available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Moderate: Red Hat Security Advisory: libreswan security update

An update for libreswan is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Moderate: Red Hat Security Advisory: libreswan security update

An update for libreswan is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

ALSA-2024:2565 Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

Moderate: Red Hat Security Advisory: libreswan security and bug fix update

An update for libreswan is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

ALSA-2024:2033 Moderate: libreswan security and bug fix update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

Moderate: libreswan security and bug fix update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

Moderate: Red Hat Security Advisory: libreswan security update

An update for libreswan is available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ALSA-2024:1998 Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

GO-2024-2666 Insecure IPsec transparent encryption in github.com/cilium/cilium

Insecure IPsec transparent encryption in github.com/cilium/cilium...

CVE-2024-30391

A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device. If a device...

CVE-2024-30391 Junos OS: MX Series with SPC3, and SRX Series: When IPsec authentication is configured with "hmac-sha-384" and "hmac-sha-512" no authentication of traffic is performed

A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device. If a device...

CVE-2024-30391

CVE-2024-30391 describes a Missing Authentication for Critical Function in Junos OS PFE (MX Series with SPC3 and SRX Series). When IPsec uses hmac-sha-384 or hmac-sha-512, traffic exiting the tunnel is not authenticated and ingress is not expected to be authenticated, which can lead to limited im...

CVE-2024-21609

A Missing Release of Memory after Effective Lifetime vulnerability in the IKE daemon iked of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an administratively adjacent attacker which is able to successfully establish IPsec tunnels to cause a Denial of Service DoS. If...

CVE-2024-21609

CVE-2024-21609 affects Juniper Networks Junos OS on MX Series with SPC3, and SRX Series. The vulnerability is a missing release of memory after the IPsec SA rekey in the iked process, triggered by crafted IPsec parameter values (local-ip, remote-ip, remote ike-id, traffic selectors), leading to m...

CVE-2024-21609 Junos OS: MX Series with SPC3, and SRX Series: If specific IPsec parameters are negotiated iked will crash due to a memory leak

A Missing Release of Memory after Effective Lifetime vulnerability in the IKE daemon iked of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an administratively adjacent attacker which is able to successfully establish IPsec tunnels to cause a Denial of Service DoS. If...

CVE-2024-21609 Junos OS: MX Series with SPC3, and SRX Series: If specific IPsec parameters are negotiated iked will crash due to a memory leak

A Missing Release of Memory after Effective Lifetime vulnerability in the IKE daemon iked of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an administratively adjacent attacker which is able to successfully establish IPsec tunnels to cause a Denial of Service DoS. If...