CVE-2024-2357
Published: 11 March 2024
The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatically added on startup using the auto= keyword, it can cause repeated crashes leading to a Denial of Service.
Priority
References
- https://libreswan.org/security/CVE-2024-2357/CVE-2024-2357.patch
- https://libreswan.org/security/CVE-2024-2357/CVE-2024-2357.txt
- https://github.com/libreswan/libreswan/issues/1609
- https://libreswan.org/security/CVE-2024-2357
- https://www.cve.org/CVERecord?id=CVE-2024-2357
- NVD
- Launchpad
- Debian