CyberSec.Space Logo
Back to CVE Browser

CVE-2020-1763

HIGH
7.5
CVSS Severity Score
EPSS Score0.1250%
EPSS Percentile15.85th
PublishedMay 12, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash.

Affected Platforms (CPE)

πŸ“¦
Libreswan

Libreswan

>= 3.27 and <= 3.31
πŸ“¦
Libreswan

Libreswan

= 3.5

References & Advisories

πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=1813329
πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763
πŸ”— https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf
πŸ”— https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8
πŸ”— https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt
πŸ”— https://security.gentoo.org/glsa/202007-21
πŸ”— https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04
πŸ”— https://www.debian.org/security/2020/dsa-4684

Related Vulnerabilities

CVE-2013-72839.3

Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecifie...

CVE-2016-30717.5

Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform.

CVE-2019-123127.5

In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference ...

CVE-2016-53617.5

programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a ...