122 matches found
AZL-34935 CVE-2023-38710 affecting package libreswan for versions less than 4.7-6
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALIDSPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets...
AZL-34936 CVE-2023-38711 affecting package libreswan for versions less than 4.7-6
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with IDIPV4ADDR or IDIPV6ADDR receives an IDcr payload with IDFQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6...
CVE-2023-38710
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALIDSPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets...
AZL-34937 CVE-2023-38712 affecting package libreswan for versions less than 4.7-6
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...
Null pointer dereference
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...
UBUNTU-CVE-2023-38711
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with IDIPV4ADDR or IDIPV6ADDR receives an IDcr payload with IDFQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6...
UBUNTU-CVE-2023-38712
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...
Libreswan 安全漏洞
Libreswan is an IPsec implementation similar to Openswan, which is mainly used to ensure security and integrity issues in data transmission. A security vulnerability exists in Libreswan versions prior to 4.12, which stems from an error notification INVALIDSPI being sent in a renegotiation REKEY...
Libreswan 代码问题漏洞
Libreswan is an IPsec implementation similar to Openswan, which is primarily used to ensure security, integrity issues in data transmission. A security vulnerability exists in Libreswan versions prior to 4.12 that originates when an IKEv1 Quick Mode connection using IDIPV4ADDR or IDIPV6ADDR is...
Libreswan 代码问题漏洞
Libreswan is an IPsec implementation similar to Openswan, which is primarily used to ensure security and integrity issues in data transmission. A security vulnerability exists in Libreswan version 3.x, version 4.x up to and including version 4.12, which originates when an IKEv1 ISAKMP SA message...
CVE-2023-38710
CVE-2023-38710 affects Libreswan prior to 4.12. The issue occurs when an IKEv2 Child SA REKEY packet carries an invalid IPsec protocol ID (0 or 1); the notify payload copies the ID but the outgoing verify code asserts that the protocol ID must be ESP (2) or AH (3), causing the pluto daemon to cra...
CVE-2023-38710
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALIDSPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets...
CVE-2023-38712
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...
CVE-2023-38711
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with IDIPV4ADDR or IDIPV6ADDR receives an IDcr payload with IDFQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6...
CVE-2023-38710
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALIDSPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets...
CVE-2023-38712
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...
Fedora 37 : libreswan (2023-dbc6d8a124)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-dbc6d8a124 advisory. Update to 4.12 for CVE-2023-38710, CVE-2023-38711 and CVE-2023-38712 addressing post-authentication denial of service attacks Tenable has extracted...
Oracle Linux 8 : libreswan (ELSA-2023-3107)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-3107 advisory. - Fix CVE-2023-30570: Malicious IKEv1 Aggressive Mode packets can crash libreswan Tenable has extracted the preceding description block directly from the Oracle...
AlmaLinux 8 : libreswan (ALSA-2023:3107)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3107 advisory. - A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto...
AlmaLinux 9 : libreswan (ALSA-2023:3148)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3148 advisory. - A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto...