[CLSA-2026:1784019530] libreswan: Fix of CVE-2026-12413
Type:
security
Severity:
Important
Release date:
2026-07-14 08:59:06 UTC
Description:
- CVE-2026-12413: fix an off-by-one assertion in reassemble_v2_incoming_fragments() that let a malformed IKEv2 fragment abort and restart the pluto daemon (DoS)
CVEs fixed:
Updated packages:
  • libreswan-4.12-2.el9_2.tuxcare.els2.x86_64.rpm
    sha:a286f861546031005784393da0d1eac091ae127b529e11594f5534e558f940b8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.