vulnerability
CentOS Linux: CVE-2020-1763: Important: libreswan security update (CESA-2020:2070)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | May 12, 2020 | May 13, 2020 | May 25, 2023 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
May 12, 2020
Added
May 13, 2020
Modified
May 25, 2023
Description
An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash.
Solutions
centos-upgrade-libreswancentos-upgrade-libreswan-debuginfocentos-upgrade-libreswan-debugsource
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.