Libreswan Restart Issue with IKEv1 and AES-GMAC
CVE-2024-3652
6.5MEDIUM
Key Information:
- Status
- Vendor
- CVE Published:
- 11 April 2024
What is CVE-2024-3652?
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.
Affected Version(s)
libreswan 3.22 <= 4.14
libreswan 5.0
