CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3652 – IKEv1 default AH/ESP responder can cause libreswan to abort and restart
https://notcve.org/view.php?id=CVE-2024-3652
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected. Se notificó a Libreswan Project sobre un problema que provocaba que libreswan se reiniciara al usar IKEv1 sin especificar una línea esp=. Cuando el par solicita AES-GMAC, el controlador de propuestas predeterminado de libreswan provoca un error de aserción, falla y se reinicia. • https://github.com/bigb0x/CVE-2024-36527 http://www.openwall.com/lists/oss-security/2024/04/18/2 https://libreswan.org/security/CVE-2024-3652 https://access.redhat.com/security/cve/CVE-2024-3652 https://bugzilla.redhat.com/show_bug.cgi?id=2274448 • CWE-617: Reachable Assertion •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2357 – IKEv2 misconfiguration can cause libreswan to abort and restart
https://notcve.org/view.php?id=CVE-2024-2357
The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatically added on startup using the auto= keyword, it can cause repeated crashes leading to a Denial of Service. Se notificó a Libreswan Project sobre un problema que causaba que libreswan se reiniciara en algunos escenarios de retransmisión de IKEv2 cuando una conexión está configurada para usar PreSharedKeys (authby=secret) y la conexión no puede encontrar un secreto configurado coincidente. Cuando dicha conexión se agrega automáticamente al inicio usando la palabra clave auto=, puede causar fallas repetidas que conducen a una denegación de servicio. A flaw was found in Libreswan. • https://libreswan.org/security/CVE-2024-2357 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJZJYFHKBIJ4ZK5GAWWFFR3AKJS6O5JX https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HEM46ALKF7NG6CAUKZ7KQERVOHWQIQKY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVQ7MZY6LFFGRWAJNTKKN2VSEFS2VPAR https://access.redhat.com/security/cve/CVE-2024-2357 https://bugzilla.redhat.com/show_bug.cgi?id=2268952 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38710 – libreswan: Invalid IKEv2 REKEY proposal causes restart
https://notcve.org/view.php?id=CVE-2023-38710
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20. Se ha descubierto un problema en Libreswan anterior a 4.12. • https://github.com/libreswan/libreswan/tags https://libreswan.org/security/CVE-2023-38710 https://access.redhat.com/security/cve/CVE-2023-38710 https://bugzilla.redhat.com/show_bug.cgi?id=2225368 • CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38711 – libreswan: Invalid IKEv1 Quick Mode ID causes restart
https://notcve.org/view.php?id=CVE-2023-38711
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6. Se ha descubierto un problema en Libreswan anterior a 4.12. Cuando una conexión de modo rápido IKEv1 configurada con ID_IPV4_ADDR o ID_IPV6_ADDR recibe una carga útil IDcr con ID_FQDN, una desviación de puntero NULL provoca un bloqueo y reinicio del demonio pluto. • https://github.com/libreswan/libreswan/tags https://libreswan.org/security/CVE-2023-38711 https://access.redhat.com/security/cve/CVE-2023-38711 https://bugzilla.redhat.com/show_bug.cgi?id=2215952 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38712 – libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart
https://notcve.org/view.php?id=CVE-2023-38712
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart. Se ha descubierto un problema en Libreswan 3.x y 4.x antes de 4.12. Cuando un paquete IKEv1 ISAKMP SA Informational Exchange contiene una carga útil Delete/Notify seguida de más Notifies que actúan sobre el ISAKMP SA, como un mensaje Delete/Notify duplicado, una desviación de puntero NULL en el estado eliminado hace que el demonio pluto se bloquee y se reinicie. A NULL pointer dereference vulnerability was found in the Libreswan package. • https://github.com/libreswan/libreswan/tags https://libreswan.org/security/CVE-2023-38712 https://access.redhat.com/security/cve/CVE-2023-38712 https://bugzilla.redhat.com/show_bug.cgi?id=2225369 • CWE-476: NULL Pointer Dereference •