Published: 25/08/2023 Updated: 11/12/2023

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

An issue exists in Libreswan prior to 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libreswan libreswan

概要 Moderate: libreswan security update タイプ/重大度 Security Advisory: Moderate Red Hat Insights パッチ分析このアドバイザリーの影響を受けるシステムを特定し、修正します。影響を受けるシステムの表示トピック An update for libreswan is now available for Red Hat Enterprise ...

Debian Bug report logs - #1066059 libreswan: CVE-2024-2357 Package: src:libreswan; Maintainer for src:libreswan is Daniel Kahn Gillmor <dkg@fifthhorsemannet>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 11 Mar 2024 21:24:01 UTC Severity: important Tags: security, upstream Found in versions libr ...

NVD-CWE-noinfo https://github.com/libreswan/libreswan/tags https://libreswan.org/security/CVE-2023-38710/https://access.redhat.com/errata/RHSA-2023:7052 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-38710

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect