|Description||The Libreswan Project found a vulnerability in the processing of IKEv1 informational exchange packets. These packets are encrypted and integrity-protected using the established IKE SA encryption and integrity keys, but the receiver did not verify the integrity check value. This issue affects versions before 3.29.|
|Source||CVE (at NVD)|
Vulnerable and fixed packages
The table below lists information on source packages.
|libreswan (PTS)||buster, buster (security)||3.27-6+deb10u1||fixed|
|libreswan (PTS)||bookworm, sid, bullseye||4.3-1||fixed|
|strongswan (PTS)||stretch (security), stretch||5.5.1-4+deb9u4||fixed|
|strongswan (PTS)||bookworm, sid, bullseye||5.9.1-1||fixed|
The information below is based on the following data on fixed versions.
Not vulnerable: libreswan 3.29 and later, strongswan 5.0 and later, freeswan