Vulnerabilities

CVE-2022-23094

by Fred · 14/01/2022

Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6.

Date published : 2022-01-14

https://www.debian.org/security/2022/dsa-5048

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPMIHAXWQUJAPCIGNJ5J5Q6ASWQBU7T5/

Similar

Tags: Cybersecurity Alert