Vulnerability CVE-2023-38711
Published: 2023-08-25

Description:
An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.

 References:
https://github.com/libreswan/libreswan/tags
https://libreswan.org/security/CVE-2023-38711/
Copyright 2026, cxsecurity.com

 

Back to Top