Libreswan

Libreswan

25 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.37%
  • Veröffentlicht 02.07.2026 21:44:09
  • Zuletzt bearbeitet 09.07.2026 15:46:40

Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as per RFC 2313. A remote attacker ...

  • EPSS 0.33%
  • Veröffentlicht 02.07.2026 21:34:41
  • Zuletzt bearbeitet 09.07.2026 15:47:00

Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v1_5 (RFC 8017). A remote attacker can use a variati...

  • EPSS 0.6%
  • Veröffentlicht 02.07.2026 21:19:22
  • Zuletzt bearbeitet 08.07.2026 18:52:42

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemble_v2_incoming_fragments() would ignore unknown outer payloads but still store ...

  • EPSS 0.8%
  • Veröffentlicht 11.04.2024 02:15:47
  • Zuletzt bearbeitet 17.06.2025 20:54:44

The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. ...

  • EPSS 0.94%
  • Veröffentlicht 11.03.2024 20:15:07
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When s...

  • EPSS 0.69%
  • Veröffentlicht 25.08.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:14:06

An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a...

  • EPSS 0.69%
  • Veröffentlicht 25.08.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:14:06

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE:...

  • EPSS 0.69%
  • Veröffentlicht 25.08.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:14:06

An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packe...

  • EPSS 1.18%
  • Veröffentlicht 29.05.2023 00:15:09
  • Zuletzt bearbeitet 14.01.2025 19:15:29

pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28.

  • EPSS 1.58%
  • Veröffentlicht 17.05.2023 23:15:09
  • Zuletzt bearbeitet 22.01.2025 19:15:08

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent...