libreswan is vulnerable to denial of service (DoS). The vulnerability exists in the processing of IKEv1 informational packets due to missing integrity check.
CPE | Name | Operator | Version |
---|---|---|---|
libreswan | eq | 3.27__9.el8 | |
libreswan:buster | eq | 3.27-6+deb10u1 |
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/
access.redhat.com/errata/RHSA-2019:3391
access.redhat.com/security/updates/classification/#low
bugzilla.redhat.com/show_bug.cgi?id=1608353
bugzilla.redhat.com/show_bug.cgi?id=1679394
bugzilla.redhat.com/show_bug.cgi?id=1683706
bugzilla.redhat.com/show_bug.cgi?id=1699318
bugzilla.redhat.com/show_bug.cgi?id=1706180
bugzilla.redhat.com/show_bug.cgi?id=1712555
bugzilla.redhat.com/show_bug.cgi?id=1713734
bugzilla.redhat.com/show_bug.cgi?id=1714331
bugzilla.redhat.com/show_bug.cgi?id=1723957
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10155
libreswan.org/security/CVE-2019-10155/
lists.fedoraproject.org/archives/list/[email protected]/message/EUEXFCN7FAYBKJBQJLYCEUQUCHDEJRZW/
lists.fedoraproject.org/archives/list/[email protected]/message/LFGPGLLKAXSLWFI62A6BZHTZSCHRCBXS/