CVE-2020-1763
libreswan: DoS attack via malicious IKEv1 informational exchange message
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash.
Un fallo de lectura de búfer fuera de límites fue detectado en el demonio pluto de libreswan versiones 3.27 hasta 3.31 donde, un atacante no autenticado podría usar este fallo para bloquear a libreswan mediante el envío de paquetes IKEv1 Informational Exchange especialmente diseñados. El demonio reaparece después del bloqueo.
An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan. An unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-11-27 CVE Reserved
- 2020-05-12 CVE Published
- 2024-08-04 CVE Updated
- 2024-10-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (10)
URL | Tag | Source |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1813329 | Issue Tracking | |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763 | Issue Tracking | |
https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf | Third Party Advisory | |
https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8 | 2023-11-07 | |
https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt | 2023-11-07 |
URL | Date | SRC |
---|---|---|
https://security.gentoo.org/glsa/202007-21 | 2023-11-07 | |
https://www.debian.org/security/2020/dsa-4684 | 2023-11-07 | |
https://access.redhat.com/security/cve/CVE-2020-1763 | 2020-05-12 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1814541 | 2020-05-12 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Libreswan Search vendor "Libreswan" | Libreswan Search vendor "Libreswan" for product "Libreswan" | >= 3.27 <= 3.31 Search vendor "Libreswan" for product "Libreswan" and version " >= 3.27 <= 3.31" | - |
Affected
| ||||||
Libreswan Search vendor "Libreswan" | Libreswan Search vendor "Libreswan" for product "Libreswan" | 3.5 Search vendor "Libreswan" for product "Libreswan" and version "3.5" | - |
Affected
|