Search criteria
64 vulnerabilities found for libreswan by libreswan
FKIE_CVE-2024-3652
Vulnerability from fkie_nvd - Published: 2024-04-11 02:15 - Updated: 2025-06-17 20:54
Severity ?
Summary
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFCF4ECE-E126-47B3-9B03-C420896DAFB3",
"versionEndExcluding": "4.15",
"versionStartIncluding": "3.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan\u0027s default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected."
},
{
"lang": "es",
"value": "Se notific\u00f3 a Libreswan Project sobre un problema que provocaba que libreswan se reiniciara al usar IKEv1 sin especificar una l\u00ednea esp=. Cuando el par solicita AES-GMAC, el controlador de propuestas predeterminado de libreswan provoca un error de aserci\u00f3n, falla y se reinicia. Las conexiones IKEv2 no se ven afectadas."
}
],
"id": "CVE-2024-3652",
"lastModified": "2025-06-17T20:54:44.620",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-04-11T02:15:47.790",
"references": [
{
"source": "d42dc95b-23f1-4e06-9076-20753a0fb0df",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/18/2"
},
{
"source": "d42dc95b-23f1-4e06-9076-20753a0fb0df",
"tags": [
"Third Party Advisory"
],
"url": "https://libreswan.org/security/CVE-2024-3652"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/18/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://libreswan.org/security/CVE-2024-3652"
}
],
"sourceIdentifier": "d42dc95b-23f1-4e06-9076-20753a0fb0df",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-38712
Vulnerability from fkie_nvd - Published: 2023-08-25 21:15 - Updated: 2024-11-21 08:14
Severity ?
Summary
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/libreswan/libreswan/tags | Third Party Advisory | |
| cve@mitre.org | https://libreswan.org/security/CVE-2023-38712/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libreswan/libreswan/tags | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://libreswan.org/security/CVE-2023-38712/ | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF49694-9BD7-46A7-851B-F03CB49A9250",
"versionEndExcluding": "4.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8923F14F-CAAA-402E-8549-8250C9CADA4A",
"versionEndExcluding": "4.12",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Libreswan 3.x y 4.x antes de 4.12. Cuando un paquete IKEv1 ISAKMP SA Informational Exchange contiene una carga \u00fatil Delete/Notify seguida de m\u00e1s Notifies que act\u00faan sobre el ISAKMP SA, como un mensaje Delete/Notify duplicado, una desviaci\u00f3n de puntero NULL en el estado eliminado hace que el demonio pluto se bloquee y se reinicie.\n"
}
],
"id": "CVE-2023-38712",
"lastModified": "2024-11-21T08:14:06.427",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-25T21:15:08.293",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://libreswan.org/security/CVE-2023-38712/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://libreswan.org/security/CVE-2023-38712/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-38711
Vulnerability from fkie_nvd - Published: 2023-08-25 21:15 - Updated: 2024-11-21 08:14
Severity ?
Summary
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/libreswan/libreswan/tags | Third Party Advisory | |
| cve@mitre.org | https://libreswan.org/security/CVE-2023-38711/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libreswan/libreswan/tags | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://libreswan.org/security/CVE-2023-38711/ | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5090A30-05D9-4501-9E86-FF1024BB2A0F",
"versionEndExcluding": "4.12",
"versionStartIncluding": "4.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Libreswan anterior a 4.12. Cuando una conexi\u00f3n de modo r\u00e1pido IKEv1 configurada con ID_IPV4_ADDR o ID_IPV6_ADDR recibe una carga \u00fatil IDcr con ID_FQDN, una desviaci\u00f3n de puntero NULL provoca un bloqueo y reinicio del demonio pluto. NOTA: la primera versi\u00f3n afectada es la 4.6.\n"
}
],
"id": "CVE-2023-38711",
"lastModified": "2024-11-21T08:14:06.280",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-25T21:15:08.230",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://libreswan.org/security/CVE-2023-38711/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://libreswan.org/security/CVE-2023-38711/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-38710
Vulnerability from fkie_nvd - Published: 2023-08-25 21:15 - Updated: 2024-11-21 08:14
Severity ?
Summary
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/libreswan/libreswan/tags | Third Party Advisory | |
| cve@mitre.org | https://libreswan.org/security/CVE-2023-38710/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/libreswan/libreswan/tags | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://libreswan.org/security/CVE-2023-38710/ | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD4136B-12B7-4FCA-B643-47F5FEA652EA",
"versionEndExcluding": "4.12",
"versionStartIncluding": "3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload\u0027s protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Libreswan anterior a 4.12. Cuando un paquete IKEv2 Child SA REKEY contiene un n\u00famero de ID de protocolo IPsec no v\u00e1lido de 0 o 1, se devuelve una notificaci\u00f3n de error INVALID_SPI. El ID de protocolo de la carga \u00fatil de la notificaci\u00f3n se copia del paquete entrante, pero el c\u00f3digo que verifica los paquetes salientes falla en la afirmaci\u00f3n de que el ID de protocolo debe ser ESP (2) o AH(3) y hace que el demonio pluto se bloquee y reinicie. NOTA: la primera versi\u00f3n afectada es la 3.20.\n"
}
],
"id": "CVE-2023-38710",
"lastModified": "2024-11-21T08:14:06.133",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-25T21:15:08.167",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://libreswan.org/security/CVE-2023-38710/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://libreswan.org/security/CVE-2023-38710/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-30570
Vulnerability from fkie_nvd - Published: 2023-05-29 00:15 - Updated: 2025-01-14 19:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt | Mitigation, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CFA1697-D667-487B-88A5-5368F50B5383",
"versionEndIncluding": "4.10",
"versionStartIncluding": "3.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28."
}
],
"id": "CVE-2023-30570",
"lastModified": "2025-01-14T19:15:29.790",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-29T00:15:09.820",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-2295
Vulnerability from fkie_nvd - Published: 2023-05-17 23:15 - Updated: 2025-01-22 19:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:3107 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:3148 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2023-2295 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2189777 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:3107 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:3148 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-2295 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2189777 | Issue Tracking |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libreswan | libreswan | 4.9-1.el8 | |
| libreswan | libreswan | 4.9-1.el9 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 | |
| redhat | enterprise_linux_eus | 8.8 | |
| redhat | enterprise_linux_eus | 9.2 | |
| redhat | enterprise_linux_server_aus | 8.8 | |
| redhat | enterprise_linux_server_aus | 9.2 | |
| redhat | enterprise_linux_server_tus | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libreswan:libreswan:4.9-1.el8:*:*:*:*:*:*:*",
"matchCriteriaId": "1DBF5B0F-6997-40E6-A692-D08DDA0A20A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libreswan:libreswan:4.9-1.el9:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE181EC-23BC-448C-92EB-5660D6A1F59E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD25A35-9C2B-4382-8720-4E39F928170B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."
}
],
"id": "CVE-2023-2295",
"lastModified": "2025-01-22T19:15:08.283",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-17T23:15:09.250",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:3107"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:3148"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-2295"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:3107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:3148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-2295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189777"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-23009
Vulnerability from fkie_nvd - Published: 2023-02-21 16:15 - Updated: 2025-03-17 17:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libreswan | libreswan | 4.9 | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libreswan:libreswan:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6D49C745-4A03-4076-8F91-3AD698C1D1BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length."
}
],
"id": "CVE-2023-23009",
"lastModified": "2025-03-17T17:15:15.920",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-02-21T16:15:11.873",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
],
"url": "https://github.com/libreswan/libreswan/issues/954"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MFOIQX2LRL43P3GJT33DE7G7COHNXDN/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSMYJH7MC2FZGCY5NH5AXULO3ISXIHOF/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
],
"url": "https://github.com/libreswan/libreswan/issues/954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MFOIQX2LRL43P3GJT33DE7G7COHNXDN/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSMYJH7MC2FZGCY5NH5AXULO3ISXIHOF/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5368"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-23094
Vulnerability from fkie_nvd - Published: 2022-01-15 02:15 - Updated: 2024-11-21 06:47
Severity ?
Summary
Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libreswan | libreswan | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32DBE093-AC0F-44D8-928A-891291E794CD",
"versionEndExcluding": "4.6",
"versionStartIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6."
},
{
"lang": "es",
"value": "Libreswan versiones 4.2 hasta 4.5, permite a atacantes remotos causar una denegaci\u00f3n de servicio (desreferencia del puntero NULL y bloqueo del demonio) por medio de un paquete IKEv1 dise\u00f1ado porque el archivo pluto/ikev1.c espera err\u00f3neamente que sea presentado un objeto de estado. Esto ha sido corregido en versi\u00f3n 4.6"
}
],
"id": "CVE-2022-23094",
"lastModified": "2024-11-21T06:47:58.540",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-15T02:15:06.547",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/libreswan/libreswan/issues/585"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://libreswan.org/security/CVE-2022-23094"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPMIHAXWQUJAPCIGNJ5J5Q6ASWQBU7T5/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFZ7WP5LNNBW5ADIOPDSPQ23SXZJRNMP/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/libreswan/libreswan/issues/585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://libreswan.org/security/CVE-2022-23094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPMIHAXWQUJAPCIGNJ5J5Q6ASWQBU7T5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFZ7WP5LNNBW5ADIOPDSPQ23SXZJRNMP/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5048"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1763
Vulnerability from fkie_nvd - Published: 2020-05-12 14:15 - Updated: 2024-11-21 05:11
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D70ED5-291D-47AE-A6CB-0ED5AAB14329",
"versionEndIncluding": "3.31",
"versionStartIncluding": "3.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libreswan:libreswan:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9E018CD7-6E5B-421E-BF06-AEE4EE0CA4BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash."
},
{
"lang": "es",
"value": "Un fallo de lectura de b\u00fafer fuera de l\u00edmites fue detectado en el demonio pluto de libreswan versiones 3.27 hasta 3.31 donde, un atacante no autenticado podr\u00eda usar este fallo para bloquear a libreswan mediante el env\u00edo de paquetes IKEv1 Informational Exchange especialmente dise\u00f1ados. El demonio reaparece despu\u00e9s del bloqueo."
}
],
"id": "CVE-2020-1763",
"lastModified": "2024-11-21T05:11:20.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-12T14:15:12.580",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813329"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202007-21"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202007-21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4684"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
FKIE_CVE-2019-10155
Vulnerability from fkie_nvd - Published: 2019-06-12 14:29 - Updated: 2024-11-21 04:18
Severity ?
Summary
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libreswan | libreswan | * | |
| strongswan | strongswan | * | |
| xelerance | openswan | * | |
| fedoraproject | fedora | 29 | |
| fedoraproject | fedora | 30 | |
| redhat | enterprise_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03762F60-C5B0-4D4C-95E1-9D6BDA7A2C0B",
"versionEndExcluding": "3.29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "489C88AB-FD16-4BBD-9915-906B88F9A9E5",
"versionEndExcluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xelerance:openswan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06958DB5-E8C3-4446-B3CF-D1D7B58B4CE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en el proyecto The Libreswan en el procesador de IKEv1 Los paquetes de intercambio informativo IKEv1 que est\u00e1n cifrados y protegidos por integridad utilizando las claves de integridad y cifrado IKE SA establecidas, pero como receptor, el valor de verificaci\u00f3n de integridad no se verific\u00f3. Este problema afecta a las versiones anteriores a 3.29."
}
],
"id": "CVE-2019-10155",
"lastModified": "2024-11-21T04:18:32.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "secalert@redhat.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-12T14:29:02.917",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3391"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10155"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://libreswan.org/security/CVE-2019-10155/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUEXFCN7FAYBKJBQJLYCEUQUCHDEJRZW/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFGPGLLKAXSLWFI62A6BZHTZSCHRCBXS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://libreswan.org/security/CVE-2019-10155/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUEXFCN7FAYBKJBQJLYCEUQUCHDEJRZW/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFGPGLLKAXSLWFI62A6BZHTZSCHRCBXS/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-354"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-354"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2024-3652 (GCVE-0-2024-3652)
Vulnerability from cvelistv5 – Published: 2024-04-11 01:32 – Updated: 2025-02-13 17:52
VLAI?
Summary
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.
Severity ?
6.5 (Medium)
CWE
- IKEv1 with default AH/ESP configuration can cause libreswan to abort and restart
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The Libreswan Project (www.libreswan.org) | libreswan |
Affected:
3.22 , ≤ 4.14
(semver)
Unaffected: 5.0 |
Credits
github user X1AOxiang
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libreswan",
"vendor": "libreswan",
"versions": [
{
"lessThanOrEqual": "4.14",
"status": "affected",
"version": "3.22",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "5.0"
},
{
"status": "unaffected",
"version": "4.15"
},
{
"lessThanOrEqual": "3.21",
"status": "unaffected",
"version": "3.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-3652",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-11T17:26:47.015453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404 Improper Resource Shutdown or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T17:34:37.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:19:59.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CVE-2024-3652",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2024-3652"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/18/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "libreswan",
"vendor": "The Libreswan Project (www.libreswan.org)",
"versions": [
{
"lessThanOrEqual": "4.14",
"status": "affected",
"version": "3.22",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "5.0"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "The vulnerability can only be triggered for connections with ikev2=no that do not specify an esp= option."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "github user X1AOxiang"
}
],
"datePublic": "2024-04-12T21:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan\u0027s default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "IKEv1 with default AH/ESP configuration can cause libreswan to abort and restart",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T17:10:23.219Z",
"orgId": "d42dc95b-23f1-4e06-9076-20753a0fb0df",
"shortName": "libreswan"
},
"references": [
{
"name": "CVE-2024-3652",
"tags": [
"vendor-advisory"
],
"url": "https://libreswan.org/security/CVE-2024-3652"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/18/2"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in 4.15 and all later versions."
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-24T00:00:00.000Z",
"value": "Issue reported publicly by github user X1AOxiang via https://github.com/libreswan/libreswan/issues/1665"
},
{
"lang": "en",
"time": "2024-03-27T00:00:00.000Z",
"value": "Fix published in commit 03caa63de1e3 (as issue was already public via githb issue)"
},
{
"lang": "en",
"time": "2024-04-10T00:00:00.000Z",
"value": "Advanced notice given to support customers and distributions"
},
{
"lang": "en",
"time": "2024-04-12T00:00:00.000Z",
"value": "CVE-2024-3652 published"
}
],
"title": "IKEv1 default AH/ESP responder can cause libreswan to abort and restart",
"workarounds": [
{
"lang": "en",
"value": "As a workaround, adding an esp= line to all IKEv1 connections works around the issue. An example covering most common default configurations would be: esp=aes-sha2_512,aes-sha1,aes-sha2_256,aes-md5,3des-sha1,3des-md5."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "d42dc95b-23f1-4e06-9076-20753a0fb0df",
"assignerShortName": "libreswan",
"cveId": "CVE-2024-3652",
"datePublished": "2024-04-11T01:32:13.433Z",
"dateReserved": "2024-04-11T01:28:41.331Z",
"dateUpdated": "2025-02-13T17:52:56.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38710 (GCVE-0-2023-38710)
Vulnerability from cvelistv5 – Published: 2023-08-25 00:00 – Updated: 2024-11-26 21:53
VLAI?
Summary
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:56.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"tags": [
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2023-38710/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38710",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-18T17:07:09.396495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T21:53:27.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload\u0027s protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T20:28:53.862419",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"url": "https://libreswan.org/security/CVE-2023-38710/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-38710",
"datePublished": "2023-08-25T00:00:00",
"dateReserved": "2023-07-24T00:00:00",
"dateUpdated": "2024-11-26T21:53:27.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38712 (GCVE-0-2023-38712)
Vulnerability from cvelistv5 – Published: 2023-08-25 00:00 – Updated: 2024-08-02 17:46
VLAI?
Summary
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:56.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"tags": [
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2023-38712/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T20:31:56.483324",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"url": "https://libreswan.org/security/CVE-2023-38712/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-38712",
"datePublished": "2023-08-25T00:00:00",
"dateReserved": "2023-07-24T00:00:00",
"dateUpdated": "2024-08-02T17:46:56.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38711 (GCVE-0-2023-38711)
Vulnerability from cvelistv5 – Published: 2023-08-25 00:00 – Updated: 2024-08-02 17:46
VLAI?
Summary
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38711",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-22T19:44:03.355698Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T19:44:10.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:56.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"tags": [
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2023-38711/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T20:30:07.355397",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"url": "https://libreswan.org/security/CVE-2023-38711/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-38711",
"datePublished": "2023-08-25T00:00:00",
"dateReserved": "2023-07-24T00:00:00",
"dateUpdated": "2024-08-02T17:46:56.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30570 (GCVE-0-2023-30570)
Vulnerability from cvelistv5 – Published: 2023-05-28 00:00 – Updated: 2025-01-14 18:14
VLAI?
Summary
pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:28:51.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-30570",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T18:14:34.147387Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T18:14:42.811Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-28T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-30570",
"datePublished": "2023-05-28T00:00:00",
"dateReserved": "2023-04-12T00:00:00",
"dateUpdated": "2025-01-14T18:14:42.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2295 (GCVE-0-2023-2295)
Vulnerability from cvelistv5 – Published: 2023-05-17 00:00 – Updated: 2025-01-22 18:25
VLAI?
Summary
A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.
Severity ?
7.5 (High)
CWE
- CWE-400 - - Uncontrolled Resource Consumption
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:14.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189777"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-2295"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:3107"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:3148"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-2295",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-22T18:25:10.231021Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-22T18:25:15.561Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "libreswan",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Affects libreswan v4.9-1.el8 and libreswan v4.9-1.el9, Fixed in libreswan v4.9-3.el8_8 and libreswan v4.9-4.el9_2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 - Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-17T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189777"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2295"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3107"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3148"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-2295",
"datePublished": "2023-05-17T00:00:00.000Z",
"dateReserved": "2023-04-26T00:00:00.000Z",
"dateUpdated": "2025-01-22T18:25:15.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23009 (GCVE-0-2023-23009)
Vulnerability from cvelistv5 – Published: 2023-02-21 00:00 – Updated: 2025-03-17 17:02
VLAI?
Summary
Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.
Severity ?
6.5 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:39.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libreswan/libreswan/issues/954"
},
{
"name": "DSA-5368",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5368"
},
{
"name": "FEDORA-2023-a2348480cb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MFOIQX2LRL43P3GJT33DE7G7COHNXDN/"
},
{
"name": "FEDORA-2023-42ec148952",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSMYJH7MC2FZGCY5NH5AXULO3ISXIHOF/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-23009",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-17T17:02:01.153244Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T17:02:28.993Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-22T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libreswan/libreswan/issues/954"
},
{
"name": "DSA-5368",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5368"
},
{
"name": "FEDORA-2023-a2348480cb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MFOIQX2LRL43P3GJT33DE7G7COHNXDN/"
},
{
"name": "FEDORA-2023-42ec148952",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSMYJH7MC2FZGCY5NH5AXULO3ISXIHOF/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-23009",
"datePublished": "2023-02-21T00:00:00.000Z",
"dateReserved": "2023-01-11T00:00:00.000Z",
"dateUpdated": "2025-03-17T17:02:28.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23094 (GCVE-0-2022-23094)
Vulnerability from cvelistv5 – Published: 2022-01-15 01:37 – Updated: 2024-08-03 03:28
VLAI?
Summary
Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:43.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2022-23094"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/libreswan/libreswan/issues/585"
},
{
"name": "DSA-5048",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5048"
},
{
"name": "FEDORA-2022-a4bca77f88",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFZ7WP5LNNBW5ADIOPDSPQ23SXZJRNMP/"
},
{
"name": "FEDORA-2022-42e0892147",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPMIHAXWQUJAPCIGNJ5J5Q6ASWQBU7T5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-20T16:06:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://libreswan.org/security/CVE-2022-23094"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/libreswan/libreswan/issues/585"
},
{
"name": "DSA-5048",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5048"
},
{
"name": "FEDORA-2022-a4bca77f88",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFZ7WP5LNNBW5ADIOPDSPQ23SXZJRNMP/"
},
{
"name": "FEDORA-2022-42e0892147",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPMIHAXWQUJAPCIGNJ5J5Q6ASWQBU7T5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-23094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://libreswan.org/security/CVE-2022-23094",
"refsource": "MISC",
"url": "https://libreswan.org/security/CVE-2022-23094"
},
{
"name": "https://github.com/libreswan/libreswan/issues/585",
"refsource": "MISC",
"url": "https://github.com/libreswan/libreswan/issues/585"
},
{
"name": "DSA-5048",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5048"
},
{
"name": "FEDORA-2022-a4bca77f88",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFZ7WP5LNNBW5ADIOPDSPQ23SXZJRNMP/"
},
{
"name": "FEDORA-2022-42e0892147",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPMIHAXWQUJAPCIGNJ5J5Q6ASWQBU7T5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23094",
"datePublished": "2022-01-15T01:37:32",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-08-03T03:28:43.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1763 (GCVE-0-2020-1763)
Vulnerability from cvelistv5 – Published: 2020-05-12 13:41 – Updated: 2024-08-04 06:46
VLAI?
Summary
An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash.
Severity ?
7.5 (High)
CWE
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| the libreswan Project | libreswan |
Affected:
from versions 3.27 till 3.31
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.902Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813329"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8"
},
{
"name": "DSA-4684",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4684"
},
{
"name": "GLSA-202007-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202007-21"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libreswan",
"vendor": "the libreswan Project",
"versions": [
{
"status": "affected",
"version": "from versions 3.27 till 3.31"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-12T05:48:52",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813329"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8"
},
{
"name": "DSA-4684",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4684"
},
{
"name": "GLSA-202007-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202007-21"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-1763",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libreswan",
"version": {
"version_data": [
{
"version_value": "from versions 3.27 till 3.31"
}
]
}
}
]
},
"vendor_name": "the libreswan Project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt",
"refsource": "CONFIRM",
"url": "https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1813329",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813329"
},
{
"name": "https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8",
"refsource": "CONFIRM",
"url": "https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8"
},
{
"name": "DSA-4684",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4684"
},
{
"name": "GLSA-202007-21",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202007-21"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-1763",
"datePublished": "2020-05-12T13:41:20",
"dateReserved": "2019-11-27T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10155 (GCVE-0-2019-10155)
Vulnerability from cvelistv5 – Published: 2019-06-12 13:51 – Updated: 2024-08-04 22:10
VLAI?
Summary
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.
Severity ?
CWE
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| the libreswan Project | libreswan |
Affected:
3.29
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:10:09.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2019-10155/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10155"
},
{
"name": "FEDORA-2019-f7fb531958",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFGPGLLKAXSLWFI62A6BZHTZSCHRCBXS/"
},
{
"name": "FEDORA-2019-1bd9cfb718",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUEXFCN7FAYBKJBQJLYCEUQUCHDEJRZW/"
},
{
"name": "RHSA-2019:3391",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3391"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libreswan",
"vendor": "the libreswan Project",
"versions": [
{
"status": "affected",
"version": "3.29"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-06T00:07:32",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://libreswan.org/security/CVE-2019-10155/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10155"
},
{
"name": "FEDORA-2019-f7fb531958",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFGPGLLKAXSLWFI62A6BZHTZSCHRCBXS/"
},
{
"name": "FEDORA-2019-1bd9cfb718",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUEXFCN7FAYBKJBQJLYCEUQUCHDEJRZW/"
},
{
"name": "RHSA-2019:3391",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3391"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-10155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libreswan",
"version": {
"version_data": [
{
"version_value": "3.29"
}
]
}
}
]
},
"vendor_name": "the libreswan Project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "3.1/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-354"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://libreswan.org/security/CVE-2019-10155/",
"refsource": "MISC",
"url": "https://libreswan.org/security/CVE-2019-10155/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10155",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10155"
},
{
"name": "FEDORA-2019-f7fb531958",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFGPGLLKAXSLWFI62A6BZHTZSCHRCBXS/"
},
{
"name": "FEDORA-2019-1bd9cfb718",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUEXFCN7FAYBKJBQJLYCEUQUCHDEJRZW/"
},
{
"name": "RHSA-2019:3391",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3391"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2019-10155",
"datePublished": "2019-06-12T13:51:01",
"dateReserved": "2019-03-27T00:00:00",
"dateUpdated": "2024-08-04T22:10:09.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3652 (GCVE-0-2024-3652)
Vulnerability from nvd – Published: 2024-04-11 01:32 – Updated: 2025-02-13 17:52
VLAI?
Summary
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.
Severity ?
6.5 (Medium)
CWE
- IKEv1 with default AH/ESP configuration can cause libreswan to abort and restart
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The Libreswan Project (www.libreswan.org) | libreswan |
Affected:
3.22 , ≤ 4.14
(semver)
Unaffected: 5.0 |
Credits
github user X1AOxiang
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libreswan",
"vendor": "libreswan",
"versions": [
{
"lessThanOrEqual": "4.14",
"status": "affected",
"version": "3.22",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "5.0"
},
{
"status": "unaffected",
"version": "4.15"
},
{
"lessThanOrEqual": "3.21",
"status": "unaffected",
"version": "3.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-3652",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-11T17:26:47.015453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404 Improper Resource Shutdown or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T17:34:37.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:19:59.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CVE-2024-3652",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2024-3652"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/18/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "libreswan",
"vendor": "The Libreswan Project (www.libreswan.org)",
"versions": [
{
"lessThanOrEqual": "4.14",
"status": "affected",
"version": "3.22",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "5.0"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "The vulnerability can only be triggered for connections with ikev2=no that do not specify an esp= option."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "github user X1AOxiang"
}
],
"datePublic": "2024-04-12T21:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan\u0027s default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "IKEv1 with default AH/ESP configuration can cause libreswan to abort and restart",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T17:10:23.219Z",
"orgId": "d42dc95b-23f1-4e06-9076-20753a0fb0df",
"shortName": "libreswan"
},
"references": [
{
"name": "CVE-2024-3652",
"tags": [
"vendor-advisory"
],
"url": "https://libreswan.org/security/CVE-2024-3652"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/18/2"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in 4.15 and all later versions."
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-24T00:00:00.000Z",
"value": "Issue reported publicly by github user X1AOxiang via https://github.com/libreswan/libreswan/issues/1665"
},
{
"lang": "en",
"time": "2024-03-27T00:00:00.000Z",
"value": "Fix published in commit 03caa63de1e3 (as issue was already public via githb issue)"
},
{
"lang": "en",
"time": "2024-04-10T00:00:00.000Z",
"value": "Advanced notice given to support customers and distributions"
},
{
"lang": "en",
"time": "2024-04-12T00:00:00.000Z",
"value": "CVE-2024-3652 published"
}
],
"title": "IKEv1 default AH/ESP responder can cause libreswan to abort and restart",
"workarounds": [
{
"lang": "en",
"value": "As a workaround, adding an esp= line to all IKEv1 connections works around the issue. An example covering most common default configurations would be: esp=aes-sha2_512,aes-sha1,aes-sha2_256,aes-md5,3des-sha1,3des-md5."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "d42dc95b-23f1-4e06-9076-20753a0fb0df",
"assignerShortName": "libreswan",
"cveId": "CVE-2024-3652",
"datePublished": "2024-04-11T01:32:13.433Z",
"dateReserved": "2024-04-11T01:28:41.331Z",
"dateUpdated": "2025-02-13T17:52:56.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38710 (GCVE-0-2023-38710)
Vulnerability from nvd – Published: 2023-08-25 00:00 – Updated: 2024-11-26 21:53
VLAI?
Summary
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:56.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"tags": [
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2023-38710/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38710",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-18T17:07:09.396495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T21:53:27.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload\u0027s protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T20:28:53.862419",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"url": "https://libreswan.org/security/CVE-2023-38710/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-38710",
"datePublished": "2023-08-25T00:00:00",
"dateReserved": "2023-07-24T00:00:00",
"dateUpdated": "2024-11-26T21:53:27.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38712 (GCVE-0-2023-38712)
Vulnerability from nvd – Published: 2023-08-25 00:00 – Updated: 2024-08-02 17:46
VLAI?
Summary
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:56.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"tags": [
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2023-38712/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T20:31:56.483324",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"url": "https://libreswan.org/security/CVE-2023-38712/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-38712",
"datePublished": "2023-08-25T00:00:00",
"dateReserved": "2023-07-24T00:00:00",
"dateUpdated": "2024-08-02T17:46:56.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38711 (GCVE-0-2023-38711)
Vulnerability from nvd – Published: 2023-08-25 00:00 – Updated: 2024-08-02 17:46
VLAI?
Summary
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38711",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-22T19:44:03.355698Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T19:44:10.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:56.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"tags": [
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2023-38711/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T20:30:07.355397",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libreswan/libreswan/tags"
},
{
"url": "https://libreswan.org/security/CVE-2023-38711/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-38711",
"datePublished": "2023-08-25T00:00:00",
"dateReserved": "2023-07-24T00:00:00",
"dateUpdated": "2024-08-02T17:46:56.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30570 (GCVE-0-2023-30570)
Vulnerability from nvd – Published: 2023-05-28 00:00 – Updated: 2025-01-14 18:14
VLAI?
Summary
pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:28:51.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-30570",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T18:14:34.147387Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T18:14:42.811Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-28T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-30570",
"datePublished": "2023-05-28T00:00:00",
"dateReserved": "2023-04-12T00:00:00",
"dateUpdated": "2025-01-14T18:14:42.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2295 (GCVE-0-2023-2295)
Vulnerability from nvd – Published: 2023-05-17 00:00 – Updated: 2025-01-22 18:25
VLAI?
Summary
A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.
Severity ?
7.5 (High)
CWE
- CWE-400 - - Uncontrolled Resource Consumption
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:14.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189777"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-2295"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:3107"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:3148"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-2295",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-22T18:25:10.231021Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-22T18:25:15.561Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "libreswan",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Affects libreswan v4.9-1.el8 and libreswan v4.9-1.el9, Fixed in libreswan v4.9-3.el8_8 and libreswan v4.9-4.el9_2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 - Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-17T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189777"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2295"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3107"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3148"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-2295",
"datePublished": "2023-05-17T00:00:00.000Z",
"dateReserved": "2023-04-26T00:00:00.000Z",
"dateUpdated": "2025-01-22T18:25:15.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23009 (GCVE-0-2023-23009)
Vulnerability from nvd – Published: 2023-02-21 00:00 – Updated: 2025-03-17 17:02
VLAI?
Summary
Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.
Severity ?
6.5 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:39.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libreswan/libreswan/issues/954"
},
{
"name": "DSA-5368",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5368"
},
{
"name": "FEDORA-2023-a2348480cb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MFOIQX2LRL43P3GJT33DE7G7COHNXDN/"
},
{
"name": "FEDORA-2023-42ec148952",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSMYJH7MC2FZGCY5NH5AXULO3ISXIHOF/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-23009",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-17T17:02:01.153244Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T17:02:28.993Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-22T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libreswan/libreswan/issues/954"
},
{
"name": "DSA-5368",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5368"
},
{
"name": "FEDORA-2023-a2348480cb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MFOIQX2LRL43P3GJT33DE7G7COHNXDN/"
},
{
"name": "FEDORA-2023-42ec148952",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSMYJH7MC2FZGCY5NH5AXULO3ISXIHOF/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-23009",
"datePublished": "2023-02-21T00:00:00.000Z",
"dateReserved": "2023-01-11T00:00:00.000Z",
"dateUpdated": "2025-03-17T17:02:28.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23094 (GCVE-0-2022-23094)
Vulnerability from nvd – Published: 2022-01-15 01:37 – Updated: 2024-08-03 03:28
VLAI?
Summary
Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:43.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2022-23094"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/libreswan/libreswan/issues/585"
},
{
"name": "DSA-5048",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5048"
},
{
"name": "FEDORA-2022-a4bca77f88",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFZ7WP5LNNBW5ADIOPDSPQ23SXZJRNMP/"
},
{
"name": "FEDORA-2022-42e0892147",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPMIHAXWQUJAPCIGNJ5J5Q6ASWQBU7T5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-20T16:06:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://libreswan.org/security/CVE-2022-23094"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/libreswan/libreswan/issues/585"
},
{
"name": "DSA-5048",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5048"
},
{
"name": "FEDORA-2022-a4bca77f88",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFZ7WP5LNNBW5ADIOPDSPQ23SXZJRNMP/"
},
{
"name": "FEDORA-2022-42e0892147",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPMIHAXWQUJAPCIGNJ5J5Q6ASWQBU7T5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-23094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://libreswan.org/security/CVE-2022-23094",
"refsource": "MISC",
"url": "https://libreswan.org/security/CVE-2022-23094"
},
{
"name": "https://github.com/libreswan/libreswan/issues/585",
"refsource": "MISC",
"url": "https://github.com/libreswan/libreswan/issues/585"
},
{
"name": "DSA-5048",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5048"
},
{
"name": "FEDORA-2022-a4bca77f88",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFZ7WP5LNNBW5ADIOPDSPQ23SXZJRNMP/"
},
{
"name": "FEDORA-2022-42e0892147",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPMIHAXWQUJAPCIGNJ5J5Q6ASWQBU7T5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23094",
"datePublished": "2022-01-15T01:37:32",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-08-03T03:28:43.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1763 (GCVE-0-2020-1763)
Vulnerability from nvd – Published: 2020-05-12 13:41 – Updated: 2024-08-04 06:46
VLAI?
Summary
An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash.
Severity ?
7.5 (High)
CWE
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| the libreswan Project | libreswan |
Affected:
from versions 3.27 till 3.31
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.902Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813329"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8"
},
{
"name": "DSA-4684",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4684"
},
{
"name": "GLSA-202007-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202007-21"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libreswan",
"vendor": "the libreswan Project",
"versions": [
{
"status": "affected",
"version": "from versions 3.27 till 3.31"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-12T05:48:52",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813329"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8"
},
{
"name": "DSA-4684",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4684"
},
{
"name": "GLSA-202007-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202007-21"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-1763",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libreswan",
"version": {
"version_data": [
{
"version_value": "from versions 3.27 till 3.31"
}
]
}
}
]
},
"vendor_name": "the libreswan Project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt",
"refsource": "CONFIRM",
"url": "https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1813329",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813329"
},
{
"name": "https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8",
"refsource": "CONFIRM",
"url": "https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8"
},
{
"name": "DSA-4684",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4684"
},
{
"name": "GLSA-202007-21",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202007-21"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-1763",
"datePublished": "2020-05-12T13:41:20",
"dateReserved": "2019-11-27T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-201401-0260
Vulnerability from variot - Updated: 2023-12-18 10:43Libreswan 3.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. Openswan is a VPN implemented using ipsec technology. Versions prior to Libreswan 3.8 are vulnerable. Openswan is prone to a remote denial-of-service vulnerability due to a use-after-free error. An attacker may exploit this issue to crash the application, resulting in a denial-of-service condition. Note: This issue occurs only when Openswan is configured with 'nhelpers=0'. Openswan 2.3.0 to 2.6.36 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201401-0260",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "libreswan",
"scope": "eq",
"trust": 1.9,
"vendor": "libreswan",
"version": "3.6"
},
{
"model": "libreswan",
"scope": "eq",
"trust": 1.9,
"vendor": "libreswan",
"version": "3.4"
},
{
"model": "libreswan",
"scope": "eq",
"trust": 1.9,
"vendor": "libreswan",
"version": "3.3"
},
{
"model": "libreswan",
"scope": "lte",
"trust": 1.8,
"vendor": "libreswan",
"version": "3.7"
},
{
"model": "libreswan",
"scope": "eq",
"trust": 1.6,
"vendor": "libreswan",
"version": "3.0"
},
{
"model": "libreswan",
"scope": "eq",
"trust": 1.6,
"vendor": "libreswan",
"version": "3.5"
},
{
"model": "libreswan",
"scope": "eq",
"trust": 1.6,
"vendor": "libreswan",
"version": "3.1"
},
{
"model": "libreswan",
"scope": "eq",
"trust": 1.6,
"vendor": "libreswan",
"version": "3.2"
},
{
"model": "libreswan",
"scope": "eq",
"trust": 0.9,
"vendor": "libreswan",
"version": "3.7"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.6,
"vendor": "openswan",
"version": "3.7"
},
{
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "6"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.6,
"vendor": "openswan",
"version": "2.6.22"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.6,
"vendor": "openswan",
"version": "2.6.21"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.6,
"vendor": "openswan",
"version": "2.6.20"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.6,
"vendor": "openswan",
"version": "2.6.16"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.6,
"vendor": "openswan",
"version": "2.6.36"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.6,
"vendor": "openswan",
"version": "2.6.35"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.6,
"vendor": "openswan",
"version": "2.6.33"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.6,
"vendor": "openswan",
"version": "2.6.29"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.6,
"vendor": "openswan",
"version": "2.6.28"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.6,
"vendor": "openswan",
"version": "2.6.27"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.6,
"vendor": "openswan",
"version": "2.6.26"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.6,
"vendor": "openswan",
"version": "2.6.25"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "contact fl mguard smart2 vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard smart2 vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard smart2",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard smart2",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard rs4004 tx/dtx vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard rs4004 tx/dtx vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard rs4004 tx/dtx",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard rs4004 tx/dtx",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard rs4000 tx/tx-p",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard rs4000 tx/tx-p",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard rs4000 tx/tx vpn-m",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard rs4000 tx/tx vpn-m",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard rs4000 tx/tx vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard rs4000 tx/tx vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard rs4000 tx/tx",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard rs4000 tx/tx",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard rs2005 tx vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard rs2005 tx vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard rs2000 tx/tx vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard rs2000 tx/tx vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard rs vpn analog",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard rs vpn analog",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard rs",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard rs",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard pcie4000 vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard pcie4000 vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard pci4000 vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard pci4000 vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard pci4000",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard pci4000",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard gt/gt vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard gt/gt vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard gt/gt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard gt/gt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard delta tx/tx vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard delta tx/tx vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard delta tx/tx",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard delta tx/tx",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "contact fl mguard centerport",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.1"
},
{
"model": "contact fl mguard centerport",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.38"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.37"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.34"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.31"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.30"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.24"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.23"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.19"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.18"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.17"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.15"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.14"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.2"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.39"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.13"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.12"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.11"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.10"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.09"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.08"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.07"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.06"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.05"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.04"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.03"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.01"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "contact fl mguard smart2 vpn",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard smart2",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard rs4004 tx/dtx vpn",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard rs4004 tx/dtx",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard rs4000 tx/tx-p",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard rs4000 tx/tx vpn-m",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard rs4000 tx/tx vpn",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard rs4000 tx/tx",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard rs2005 tx vpn",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard rs2000 tx/tx vpn",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard rs vpn analog",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard rs",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard pcie4000 vpn",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard pci4000 vpn",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard pci4000",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard gt/gt vpn",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard gt/gt",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard delta tx/tx vpn",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard delta tx/tx",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "contact fl mguard centerport",
"scope": "ne",
"trust": 0.3,
"vendor": "phoenix",
"version": "8.5.2"
},
{
"model": "libreswan",
"scope": "ne",
"trust": 0.3,
"vendor": "libreswan",
"version": "3.8"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.4.15"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.4.14"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.4.13"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.4.4"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.4.2"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.4"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.3.1"
},
{
"model": "openswan",
"scope": "eq",
"trust": 0.3,
"vendor": "openswan",
"version": "2.3"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.1"
},
{
"model": "openswan",
"scope": "ne",
"trust": 0.3,
"vendor": "openswan",
"version": "2.6.37"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00690"
},
{
"db": "BID",
"id": "65155"
},
{
"db": "BID",
"id": "64987"
},
{
"db": "BID",
"id": "50440"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005933"
},
{
"db": "NVD",
"id": "CVE-2013-6467"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-548"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:libreswan:libreswan:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libreswan:libreswan:3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libreswan:libreswan:3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libreswan:libreswan:3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libreswan:libreswan:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libreswan:libreswan:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libreswan:libreswan:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.7",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6467"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Iustina Melinte",
"sources": [
{
"db": "BID",
"id": "65155"
},
{
"db": "BID",
"id": "64987"
}
],
"trust": 0.6
},
"cve": "CVE-2013-6467",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-6467",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-00690",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6467",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-00690",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201401-548",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00690"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005933"
},
{
"db": "NVD",
"id": "CVE-2013-6467"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-548"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Libreswan 3.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. Openswan is a VPN implemented using ipsec technology. \nVersions prior to Libreswan 3.8 are vulnerable. Openswan is prone to a remote denial-of-service vulnerability due to a use-after-free error. \nAn attacker may exploit this issue to crash the application, resulting in a denial-of-service condition. \nNote: This issue occurs only when Openswan is configured with \u0027nhelpers=0\u0027. \nOpenswan 2.3.0 to 2.6.36 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6467"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005933"
},
{
"db": "CNVD",
"id": "CNVD-2014-00690"
},
{
"db": "BID",
"id": "65155"
},
{
"db": "BID",
"id": "64987"
},
{
"db": "BID",
"id": "50440"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6467",
"trust": 3.9
},
{
"db": "BID",
"id": "64987",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "56420",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "102172",
"trust": 1.6
},
{
"db": "BID",
"id": "65155",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005933",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2014-00690",
"trust": 0.6
},
{
"db": "XF",
"id": "90522",
"trust": 0.6
},
{
"db": "XF",
"id": "20136467",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201401-548",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-250-02",
"trust": 0.3
},
{
"db": "BID",
"id": "50440",
"trust": 0.3
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00690"
},
{
"db": "BID",
"id": "65155"
},
{
"db": "BID",
"id": "64987"
},
{
"db": "BID",
"id": "50440"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005933"
},
{
"db": "NVD",
"id": "CVE-2013-6467"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-548"
}
]
},
"id": "VAR-201401-0260",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00690"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00690"
}
]
},
"last_update_date": "2023-12-18T10:43:38.883000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2013-6467 Libreswan dereferencing missing IKEv2 payloads causes restart",
"trust": 0.8,
"url": "https://libreswan.org/security/cve-2013-6467/cve-2013-6467.txt"
},
{
"title": "Patch for Openswan IKEv2 Load Remote Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/43206"
},
{
"title": "libreswan-3.8",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=47727"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00690"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005933"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-548"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005933"
},
{
"db": "NVD",
"id": "CVE-2013-6467"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://libreswan.org/security/cve-2013-6467/cve-2013-6467.txt"
},
{
"trust": 1.6,
"url": "http://osvdb.org/102172"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/56420"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/64987"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90522"
},
{
"trust": 0.9,
"url": "http://www.openswan.org/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6467"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6467"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/90522"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100178570"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-250-02"
},
{
"trust": 0.3,
"url": "https://download.libreswan.org/changes"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100152275"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00690"
},
{
"db": "BID",
"id": "65155"
},
{
"db": "BID",
"id": "64987"
},
{
"db": "BID",
"id": "50440"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005933"
},
{
"db": "NVD",
"id": "CVE-2013-6467"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-548"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-00690"
},
{
"db": "BID",
"id": "65155"
},
{
"db": "BID",
"id": "64987"
},
{
"db": "BID",
"id": "50440"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005933"
},
{
"db": "NVD",
"id": "CVE-2013-6467"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-548"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-00690"
},
{
"date": "2014-01-27T00:00:00",
"db": "BID",
"id": "65155"
},
{
"date": "2014-01-15T00:00:00",
"db": "BID",
"id": "64987"
},
{
"date": "2011-10-31T00:00:00",
"db": "BID",
"id": "50440"
},
{
"date": "2014-01-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005933"
},
{
"date": "2014-01-26T20:55:05.377000",
"db": "NVD",
"id": "CVE-2013-6467"
},
{
"date": "2014-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201401-548"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-00690"
},
{
"date": "2017-09-08T13:13:00",
"db": "BID",
"id": "65155"
},
{
"date": "2015-04-13T21:58:00",
"db": "BID",
"id": "64987"
},
{
"date": "2015-04-13T21:50:00",
"db": "BID",
"id": "50440"
},
{
"date": "2014-01-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005933"
},
{
"date": "2017-08-29T01:33:58.827000",
"db": "NVD",
"id": "CVE-2013-6467"
},
{
"date": "2014-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201401-548"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "65155"
},
{
"db": "BID",
"id": "64987"
},
{
"db": "BID",
"id": "50440"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Libreswan Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005933"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "65155"
},
{
"db": "BID",
"id": "64987"
}
],
"trust": 0.6
}
}