CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3652 – IKEv1 default AH/ESP responder can cause libreswan to abort and restart
https://notcve.org/view.php?id=CVE-2024-3652
11 Apr 2024 — The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected. Se notificó a Libreswan Project sobre un problema que provocaba que libreswan se reiniciara al usar IKEv1 sin especificar una línea esp=. Cuando el par solicita AES-GMAC, el controlador de propuestas predeterminado de libreswa... • https://github.com/bigb0x/CVE-2024-36527 • CWE-404: Improper Resource Shutdown or Release CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2357 – IKEv2 misconfiguration can cause libreswan to abort and restart
https://notcve.org/view.php?id=CVE-2024-2357
11 Mar 2024 — The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatically added on startup using the auto= keyword, it can cause repeated crashes leading to a Denial of Service. Se notificó a Libreswan Project sobre un problema que causaba que libreswan se reiniciara en algunos escenarios de retransmi... • https://libreswan.org/security/CVE-2024-2357 • CWE-400: Uncontrolled Resource Consumption •