Vulnerability Description
The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatically added on startup using the auto= keyword, it can cause repeated crashes leading to a Denial of Service.
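The configuration condition described above can be audited before the daemon starts. The following is an added example, not code from the Libreswan Project: it flags connections that set authby=secret and an auto= value that loads them at startup, but have no PSK entry in ipsec.secrets. The ID matching is a simplified approximation of how libreswan selects a secret; also= and include directives are not followed, and the sample addresses and names are constructed.

```python
import re

# Constructed sample input (documentation addresses), not from a real deployment.
SAMPLE_CONF = """\
conn %default
    authby=secret
conn site-a
    left=192.0.2.1
    right=192.0.2.2
    auto=start
conn site-b
    left=192.0.2.1
    right=198.51.100.7
    auto=add
"""
SAMPLE_SECRETS = '192.0.2.1 192.0.2.2 : PSK "constructed-example-only"\n'
AUTO_LOADED = {"add", "start", "ondemand", "route", "keep"}  # loaded at startup
WILDCARDS = {"%any", "%any6", "0.0.0.0", "::"}

def parse_conns(conf_text):
    """Return {conn name: {key: value}} from ipsec.conf text."""
    conns, current = {}, None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line and not line[0].isspace():  # section header at column 0
            kind, *rest = line.split(None, 1)
            current = conns.setdefault(rest[0].strip(), {}) if kind == "conn" and rest else None
        elif line and current is not None and "=" in line:
            key, value = line.strip().split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return conns

def parse_psk_indexes(secrets_text):
    """Return the ID list (possibly empty) in front of each PSK entry."""
    hits = (re.match(r"(.*?)\s*:\s*PSK\s", l, re.I) for l in secrets_text.splitlines())
    return [m.group(1).split() for m in hits if m and m.group(1).lstrip()[:1] != "#"]

def unmatched_psk_conns(conf_text, secrets_text):
    """Auto-loaded authby=secret conns with no PSK entry (simplified matching)."""
    conns = parse_conns(conf_text)
    defaults, indexes = conns.pop("%default", {}), parse_psk_indexes(secrets_text)
    flagged = []
    for name, own in conns.items():
        c = {**defaults, **own}
        ends = {c.get("leftid", c.get("left")), c.get("rightid", c.get("right"))}
        covered = any(all(i in WILDCARDS or i in ends for i in idx) for idx in indexes)
        if c.get("authby") == "secret" and c.get("auto") in AUTO_LOADED and not covered:
            flagged.append(name)
    return flagged
```

On the constructed sample, `unmatched_psk_conns(SAMPLE_CONF, SAMPLE_SECRETS)` reports `site-b`, whose endpoints have no corresponding PSK line.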
CVSS Score
MEDIUM
References
- https://libreswan.org/security/CVE-2024-2357
- https://lists.fedoraproject.org/archives/list/[email protected]
- https://lists.fedoraproject.org/archives/list/[email protected]
- https://lists.fedoraproject.org/archives/list/[email protected]
FAQ
What is CVE-2024-2357?
CVE-2024-2357 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connectio...
How severe is CVE-2024-2357?
CVE-2024-2357 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2024-2357?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.