Количество 10
Количество 10
GHSA-4967-9mw7-522q
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.
CVE-2023-38710
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.
CVE-2023-38710
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.
CVE-2023-38710
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.
CVE-2023-38710
CVE-2023-38710
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child ...
BDU:2023-05883
Уязвимость библиотеки VPN-протокола с использованием "IPsec" libreswan, связанная с достижимым утверждением, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании»
ROS-20230913-03
Множественные уязвимости libreswan
ELSA-2023-7052
ELSA-2023-7052: libreswan security update (MODERATE)
ELSA-2023-6549
ELSA-2023-6549: libreswan security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-4967-9mw7-522q An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20. | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-38710 An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-38710 An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-38710 An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
 | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад | |
| CVE-2023-38710 An issue was discovered in Libreswan before 4.12. When an IKEv2 Child ... | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
 | BDU:2023-05883 Уязвимость библиотеки VPN-протокола с использованием "IPsec" libreswan, связанная с достижимым утверждением, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании» | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
 | ROS-20230913-03 Множественные уязвимости libreswan | CVSS3: 7.5 | около 2 лет назад | |
| ELSA-2023-7052 ELSA-2023-7052: libreswan security update (MODERATE) | около 2 лет назад | ||
| ELSA-2023-6549 ELSA-2023-6549: libreswan security update (MODERATE) | около 2 лет назад |
Уязвимостей на страницу