CVE-2024-3652

Published: Apr 11, 2024

Modified: Feb 27, 2026

PUBLISHED

Description

The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.

Vendor	Product	Versions
The Libreswan Project (www.libreswan.org)	libreswan	affected `3.22 - <= 4.14` unaffected `5.0`

References

CVE-2024-3652

vendor-advisory

http://www.openwall.com/lists/oss-security/2024/04/18/2

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-3652

Description

Affected Products

References