Out-of-bounds Buffer Read in Libreswan Daemon Affecting Multiple Versions
CVE-2020-1763
7.5HIGH
What is CVE-2020-1763?
Libreswan contains an out-of-bounds buffer read vulnerability in its pluto daemon from versions 3.27 to 3.31. This flaw allows an unauthenticated attacker to exploit the vulnerability by sending specially-crafted IKEv1 Informational Exchange packets, potentially leading to a denial of service as the Libreswan daemon may crash and subsequently respawn. Users of the affected versions should consider applying patches or mitigations as outlined in security advisories.
Affected Version(s)
libreswan from versions 3.27 till 3.31
