K42378447: IPsec IKEv1 vulnerability CVE-2018-5389

Security Advisory Description The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1...

Slackware Linux 15.0 kernel-generic Multiple Vulnerabilities (SSA:2023-048-01)

The version of kernel-generic installed on the remote host is prior to 5.15.94 / 5.15.94smp. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-048-01 advisory. - A flaw was found in the KVM's AMD nested virtualization SVM. A malicious L1 guest could purposely fa...

SUSE CVE-2005-0398

The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service crash via malformed ISAKMP packets...

SUSE CVE-2005-3732

The Internet Key Exchange version 1 IKEv1 implementation isakmpagg.c in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service null dereference and crash via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for...

SUSE CVE-2008-3651

Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service memory consumption via invalid proposals...

SUSE CVE-2008-3652

src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" phase 1 handle when it has been initiated remotely, which allows remote attackers to cause a denial of service resource consumption...

SUSE CVE-2009-1574

racoon/isakmpfrag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service crash via crafted fragmented packets without a payload, which triggers a NULL pointer dereference...

SUSE CVE-2009-1632

Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service memory consumption via vectors involving 1 signature verification during user authentication with X.509 certificates, related to the eaycheckx509sign function in src/racoon/cryptoopenssl.c; and 2...

SUSE CVE-2013-2234

The 1 keynotifysaflush and 2 keynotifypolicyflush functions in net/key/afkey.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of ...

SUSE CVE-2015-4047

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests...

SUSE CVE-2016-10396

The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...

SUSE CVE-2019-5719

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block...

SUSE CVE-2022-3625

A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlinkparamset/devlinkparamget of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The...

SUSE CVE-2022-3635

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tsttimer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 ...

SUSE CVE-2022-27666

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12116)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12116 advisory. - netfilter: nftpayload: incorrect arithmetics when fetching VLAN header bits Pablo Neira Ayuso Orabug: 34978152 CVE-2023-0179 Tenable has extract...

Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2023-12120)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12120 advisory. - netfilter: nftpayload: incorrect arithmetics when fetching VLAN header bits Pablo Neira Ayuso Orabug: 34978152 CVE-2023-0179 Tenable has extracted t...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1345)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5858-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5858-1 advisory. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker coul...

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5859-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5859-1 advisory. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker coul...