12:09am PST - January 17th, 2022
CVE-2022-23094 Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6. (… https://t.co/qea4sRrKfk
0 retweets 0 likes - ThreatMeter (@threatmeter)