An issue was discovered in Libreswan before 4.12. When an... · CVE-2023-38711 · GitHub Advisory Database · GitHub

An issue was discovered in Libreswan before 4.12. When an...

Moderate severity Unreviewed Published Aug 25, 2023 to the GitHub Advisory Database • Updated Dec 12, 2023

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.

References

Published by the National Vulnerability Database

Aug 25, 2023

Published to the GitHub Advisory Database Aug 25, 2023

Last updated Dec 12, 2023