CVE-2024-3652 : The Libreswan Project was notified of an issue causing libreswan to restart when

The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.

Published 2024-04-11 02:15:48

Updated 2024-10-29 18:35:08

Source libreswan

View at NVD, CVE.org

Products affected by CVE-2024-3652

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2024-3652

EPSS FAQ

0.25%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 49 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2024-3652

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	2.8	3.6	134c704f-9b21-4f2e-91b3-4a467353bcc0	2024-10-29
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

References for CVE-2024-3652

http://www.openwall.com/lists/oss-security/2024/04/18/2

oss-security - libreswan: IKEv1 default AH/ESP responder can crash and restart
https://libreswan.org/security/CVE-2024-3652

404 Not Found

Jump to

Vulnerability Details : CVE-2024-3652

Products affected by CVE-2024-3652

Exploit prediction scoring system (EPSS) score for CVE-2024-3652

CVSS scores for CVE-2024-3652

References for CVE-2024-3652