Description
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.
INFO
Published Date :
2024-04-11T01:32:13.433Z
Last Modified :
2026-02-27T15:19:48.988Z
Source :
libreswan
AFFECTED PRODUCTS
The following products are affected by CVE-2024-3652 vulnerability.
| Vendors | Products |
|---|---|
| Libreswan |
|
| Redhat |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2024-3652.
CVSS Vulnerability Scoring System
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact