CVE-2024-3652

Name: CVE-2024-3652
Description: The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.
NVD Severity: unknown

References

| Type | URI |
| --- | --- |
| vendor-advisory | https://libreswan.org/security/CVE-2024-3652 |
| d42dc95b-23f1-4e06-9076-20753a0fb0df | http://www.openwall.com/lists/oss-security/2024/04/18/2 |

Match rules

| CPE URI | Source package | Min version | Max version |
| --- | --- | --- | --- |
| | libreswan | >= 3.22 | <= 4.14 |
| | libreswan | == 5.0 | == 5.0 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
| --- | --- | --- | --- | --- |
| libreswan | edge-community | 5.0-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |
| libreswan | 3.19-community | 4.12-r0 | Natanael Copa <ncopa@alpinelinux.org> | possibly vulnerable |
| libreswan | 3.20-community | 5.0-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |