CVE-2020-1763

An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash.

Published: May 12, 2020
Updated: Apr 13, 2023
CVE: CVE-2020-1763
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
libreswan / libreswan	3.5	3.5.x
libreswan / libreswan	3.27	3.31.x

https://bugzilla.redhat.com/show_bug.cgi?id=1813329
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763
https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf
https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8
https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt
https://security.gentoo.org/glsa/202007-21
https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04
https://www.debian.org/security/2020/dsa-4684

Vulnerability Database

289,697

CVE-2020-1763