QwikSec

Security Database

CVE

CWE

Training

CVE-2024-2357

Published: Mar 11, 2024

Modified: Feb 13, 2025

PUBLISHED

Description

The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatically added on startup using the auto= keyword, it can cause repeated crashes leading to a Denial of Service.

Vendor	Product	Versions
The Libreswan Project (www.libreswan.org)	libreswan	unaffected `3.0 - <= 4.1` affected `4.2 - <= 4.12` unaffected `5.0`

References

vendor-advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/EJZJYFHKBIJ4ZK5GAWWFFR3AKJS6O5JX/

https://lists.fedoraproject.org/archives/list/[email protected]/message/HEM46ALKF7NG6CAUKZ7KQERVOHWQIQKY/

https://lists.fedoraproject.org/archives/list/[email protected]/message/TVQ7MZY6LFFGRWAJNTKKN2VSEFS2VPAR/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.