-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ====================================================================== CVE-2026-12413: IKEv2 Denial of Service via malformed fragmentation ====================================================================== This alert (and any updates) are available at the following URLs: https://libreswan.org/security/CVE-2026-12413 The Libreswan Project was notified of an issue when it receives an invalidly formatted IKEv2 fragment causing the server to crash and restart. A continued stream of such packets would cause a denial of service. Severity: Medium Vulnerable versions : 4.6 - 5.3 Not vulnerable : 5.3.1 or later Vulnerability details ===================== The function reassemble_v2_incoming_fragments() would ignore unknown outer payloads but still store these in a fixed size array msg_digest.digest[PAYLIMIT]. An assertion is then used: PASSERT(logger, md->digest_roof < elemsof(md->digest)) which should have been: PASSERT(logger, md->digest_roof <= elemsof(md->digest)) The assertion causes the daemon to abort and restart. No RCE is possible. Exploitation ============ Any configuration that allows IKEv2 connections that do not set fragmentation=no are vulnerable. IKEv1 is not affected. Workaround ========== If fragmentation is not needed, fragmentation=no can be added to all IKEv2 configurations. If fragmentation is needed, no workaround is possible and the above shown fix needs to be applied. History ======= * 16-06-2026 Libreswan was notified of the issue via security@libreswan.org. * 16-06-2026 Advanced notice given to supported customers and distributions. * 24-06-2026 Public announcement and release of libreswan 5.3.1. Credits ======= This vulnerability was found and reported by Hu Xinyao. Upgrading ========= To address this vulnerability, please upgrade to libreswan 5.3.1 or later. Patches ======= For those who cannot upgrade, patches for libreswan 4.15 and 5.3 are available at: https://libreswan.org/security/CVE-2026-21413/ About libreswan (https://libreswan.org/) ======================================== Libreswan is a free implementation of the Internet Key Exchange (IKE) protocols IKEv1 and IKEv2. It is a descendant (continuation fork) of openswan 2.6.38. IKE is used to establish IPsec VPN connections. IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted network is encrypted by the IPsec gateway machine, and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network (VPN). -----BEGIN PGP SIGNATURE----- iQJHBAEBCgAxFiEEkH55DyXB6OVhzXO1hf9LQ7MPxvkFAmo8DzoTHHRlYW1AbGli cmVzd2FuLm9yZwAKCRCF/0tDsw/G+V0aD/0QtZ44uU6/CT1E9CCagwYA5thfxEF+ YIw5FBXXDS5SWZ/W5067mr2DqGOVYyGPvgr8yGwTYmahnRF93NUybRW3W1ngW6+O F7UjWSdQ8/nhtt1Mir9Br9SVabbEz4GrbGW8Cvr/uEC+SVjJRvBHyCRjx5iMkLIs dhK1PgFY2gZSJouCZJnQjmcDTNCV31jaHzKWTMxSTSSN2dZvaKBHrAHLFTEUFl8J wpjS8fbS3+BY3xsmBT8QxrQVOf4y+op8Lt2uoBkyVPUAo5/+plrkjej9G3RWi4Q5 OBGqU6SExi2UTxxj+ede2+6iDIZ8yirU3+Vm7lDVbAJwnkWcaH3e/bY033w/ESWP kGCXxz7vaMs83exbIdXOI4xfXrTkyIQKT7Y8kjlCjTl/0Cexo5We8Dchy2j0uRy3 o0JJynDNKNtHaIutUS4/wdOf2NnkXdENVezUQerfrZeutoIVqJS5hMEBFwH/so7M RgPO3en0HQUGMl9qdRs3n8mKrlO5dddc4oI0cQZlPVFYnZkGhhde8qyqmcWkcswb 0xRQPtgG4eH2pjtKSWR5B0By9wYd/iOzhWRxshrDh+kcovP8TK3ymILjhxg/Hu/S R3fzX8jFe/grpHvcgNVh77OrgPQZy8u2IfCy7YTxQnkkcMxQLHLtZYkZoEXvrt/1 q64LLWzck/Cdsw== =GiA2 -----END PGP SIGNATURE-----