Upstream information

CVE-2024-3652 at MITRE

Description

The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

SUSE Bugzilla entry: 1222661 [RESOLVED / INVALID]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
SUSE Liberty Linux 8
  • libreswan >= 4.12-2.el8_10.4
Patchnames:
RHSA-2024:4376
SUSE Liberty Linux 9
  • libreswan >= 4.12-2.el9_4.1
Patchnames:
RHSA-2024:4050


SUSE Timeline for this CVE

CVE page created: Thu Apr 11 06:00:14 2024
CVE page last modified: Tue Jul 16 12:28:20 2024