[CLSA-2026:1784075638] libreswan: Fix of CVE-2026-12413
Type:
security
Severity:
Important
Release date:
2026-07-15 00:34:10 UTC
Description:
- CVE-2026-12413: fix an off-by-one assertion in reassemble_v2_incoming_fragments() that let a malformed IKEv2 fragment abort and restart the pluto daemon (DoS)
CVEs fixed:
Updated packages:
  • libreswan-4.15-8.el9_6.tuxcare.els1.x86_64.rpm
    sha:3d99120e2b0bbca2c967970c369447aa5bbd026fefd3f9361a2a9418838c462f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.