CVE-2024-2357
IKEv2 misconfiguration can cause libreswan to abort and restart
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.5EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
11 mar 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatically added on startup using the auto= keyword, it can cause repeated crashes leading to a Denial of Service.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Productos afectados
The Libreswan Project (www.libreswan.org) · libreswan¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://libreswan.org/security/CVE-2024-2357https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJZJYFHKBIJ4ZK5GAWWFFR3AKJS6O5JX/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HEM46ALKF7NG6CAUKZ7KQERVOHWQIQKY/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVQ7MZY6LFFGRWAJNTKKN2VSEFS2VPAR/