RLSA-2024:8353 Important: NetworkManager-libreswan security update

This package contains software for integrating the libreswan VPN software with NetworkManager and the GNOME desktop Security Fixes: NetworkManager-libreswan: Local privilege escalation via leftupdown CVE-2024-9050 For more details about the security issues, including the impact, a CVSS score,...

Important: Red Hat Security Advisory: NetworkManager-libreswan security update

An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated...

ROS-20230913-03

A vulnerability in libreswan software is related to a null pointer dereferencing error in the IKEv1 fast mode packets. Exploitation of the vulnerability could allow an attacker, remotely send specially crafted packets to the system and perform a denial-of-service attack. denial-of-service attack...

MGASA-2020-0215 Updated libreswan packages fix security vulnerability

Updated libreswan packages fix security vulnerability: An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan. An unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the...

MGASA-2019-0210 Updated libreswan packages fix security vulnerability

The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects...