CVE-2022-23094 – Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL point …

Vuln ID: CVE-2022-23094

Published:  2022-01-15  02:15:06Z

Description: Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6.

Source: NVD.NIST.GOV