|Description||The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets. These packets are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but the receiver did not verify the integrity check value. This issue affects versions before 3.29.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)|
Vulnerable and fixed packages
The table below lists information on source packages.
|libreswan (PTS)||buster, buster (security)||3.27-6+deb10u1||fixed|
|libreswan (PTS)||bullseye (security), bullseye||4.3-1+deb11u1||fixed|
|strongswan (PTS)||buster, buster (security)||5.7.2-1+deb10u2||fixed|
|strongswan (PTS)||bullseye (security), bullseye||5.9.1-1+deb11u2||fixed|
The information below is based on the following data on fixed versions.
Not vulnerable: libreswan 3.29 and later, strongswan 5.0 and later, freeswan