CVE-2024-3652 Common Vulnerabilities and Exposures

Upstream information

CVE-2024-3652 at MITRE

Description

The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

SUSE Bugzilla entry: 1222661 [RESOLVED / INVALID]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Liberty Linux 8	`libreswan >= 4.12-2.el8_10.4`	Patchnames: RHSA-2024:4376
SUSE Liberty Linux 9	`libreswan >= 4.12-2.el9_4.1`	Patchnames: RHSA-2024:4050

SUSE Timeline for this CVE

CVE page created: Thu Apr 11 06:00:14 2024
CVE page last modified: Tue Jul 16 12:28:20 2024