Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Libreswan 代码问题漏洞
Vulnerability Description
Libreswan是一个类似于Openswan的IPsec实现,它主要用于保证数据传输中的安全性、完整性问题。 Libreswan 3.x版本、4.x版本至4.12之前版本存在安全漏洞,该漏洞源于当一个IKEv1 ISAKMP SA信息交换数据包包含一个Delete/Notify负载,随后又包含进一步操作ISAKMP SA的Notifies,比如重复的Delete/Notify消息,会导致一个空指针解引用,从而导致pluto守护进程崩溃并重新启动。
CVSS Information
N/A
Vulnerability Type
N/A