CVE Alert

CVE-2026-12413

HIGH 7.5

IKEv2 Denial of Service via malformed fragmentation

CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart; repeated exploitation would cause a denial of service. The function reassemble_v2_incoming_fragments() ignores unknown outer payloads but still stores them in the fixed-size array msg_digest.digest[PAYLIMIT]. An off-by-one error in the assertion PASSERT(logger, md->digest_roof < elemsof(md->digest)) then causes the daemon to abort. No remote code execution is possible. Any configuration that accepts IKEv2 connections and does not set fragmentation=no is vulnerable. IKEv1 is not affected.
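The failure mode in the description, modelled as an added C example that is not libreswan's code: a fixed-size digest array, a payload-chain walker that stores "ignored" unknown payloads anyway, and a limit check that is an assertion evaluated one step too late, beside a hardened walker that skips unknown payloads and rejects an over-long chain as a parse error. PAYLIMIT = 8, the exact placement of the assertion, and the function names reassemble_buggy, reassemble_fixed, build_chain and run_scenario are assumptions made for the demo; the payload type numbers and generic header layout are from RFC 7296, and the input chain is constructed inline.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model only: the real PAYLIMIT is larger and the real parser is
 * reassemble_v2_incoming_fragments(); 8 keeps the demo input short. */
#define PAYLIMIT 8
#define elemsof(a) (sizeof(a) / sizeof((a)[0]))

/* IKEv2 payload types from RFC 7296 section 3.2; 0 means "no next payload". */
#define ISAKMP_NEXT_v2NONE 0
#define ISAKMP_NEXT_v2SA   33
#define ISAKMP_NEXT_v2N    41
#define ISAKMP_NEXT_v2SKF  53
#define PAYLOAD_UNKNOWN    250      /* private-use range: unknown to this model */

struct payload_digest { uint8_t type; bool critical; uint16_t len; const uint8_t *data; };

struct msg_digest {
    struct payload_digest digest[PAYLIMIT];
    size_t digest_roof;             /* index of the next free slot */
};

enum { OK = 0, ERR_TRUNCATED = -1, ERR_TOO_MANY = -2, ERR_CRITICAL = -3, ASSERT_FAILED = -4 };

static bool known_payload(uint8_t t) {
    return t == ISAKMP_NEXT_v2SA || t == ISAKMP_NEXT_v2N || t == ISAKMP_NEXT_v2SKF;
}

/* One generic payload header at *off:
 * next payload (1) | C bit + reserved (1) | length (2, big-endian, header included). */
static int parse_header(const uint8_t *buf, size_t len, size_t *off, uint8_t type,
                        struct payload_digest *pd, uint8_t *next) {
    if (len - *off < 4) return ERR_TRUNCATED;
    uint16_t plen = (uint16_t)((buf[*off + 2] << 8) | buf[*off + 3]);
    if (plen < 4 || plen > len - *off) return ERR_TRUNCATED;
    pd->type = type;
    pd->critical = (buf[*off + 1] & 0x80) != 0;
    pd->len = plen;
    pd->data = buf + *off + 4;
    *next = buf[*off];
    *off += plen;
    return OK;
}

/* Vulnerable shape (assumed): unknown payloads are "ignored" yet still take a slot,
 * and the only limit check is an assertion evaluated after the store, so a chain that
 * fills the array exactly (legal, no overflow) trips it. abort() is modelled as a
 * return code so the outcome can be observed. */
int reassemble_buggy(const uint8_t *buf, size_t len, uint8_t np, struct msg_digest *md) {
    size_t off = 0;
    while (np != ISAKMP_NEXT_v2NONE) {
        struct payload_digest pd;
        int r = parse_header(buf, len, &off, np, &pd, &np);
        if (r != OK) return r;
        if (!known_payload(pd.type)) { /* logged, otherwise ignored */ }
        md->digest[md->digest_roof++] = pd;   /* in bounds: roof < PAYLIMIT held at loop entry */
        if (!(md->digest_roof < elemsof(md->digest))) return ASSERT_FAILED;  /* PASSERT: off by one */
    }
    return OK;
}

/* Hardened shape: skip unknown non-critical payloads without storing them, reject an
 * unknown critical payload (RFC 7296 section 2.5), and turn "too many payloads" into a
 * parse error that drops the message instead of an assertion that kills the daemon. */
int reassemble_fixed(const uint8_t *buf, size_t len, uint8_t np, struct msg_digest *md) {
    size_t off = 0;
    while (np != ISAKMP_NEXT_v2NONE) {
        struct payload_digest pd;
        int r = parse_header(buf, len, &off, np, &pd, &np);
        if (r != OK) return r;
        if (!known_payload(pd.type)) {
            if (pd.critical) return ERR_CRITICAL;
            continue;
        }
        if (md->digest_roof >= elemsof(md->digest)) return ERR_TOO_MANY;
        md->digest[md->digest_roof++] = pd;
    }
    return OK;
}

/* Constructed input: a chain of n empty payloads of one type (header only, length 4). */
static size_t build_chain(uint8_t *out, size_t cap, size_t n, uint8_t type) {
    if (n * 4 > cap) return 0;
    for (size_t i = 0; i < n; i++) {
        out[4 * i] = (i + 1 < n) ? type : ISAKMP_NEXT_v2NONE;   /* next payload */
        out[4 * i + 1] = 0;                                     /* critical bit clear */
        out[4 * i + 2] = 0; out[4 * i + 3] = 4;                 /* length = 4 */
    }
    return n * 4;
}

/* Run one parser over a chain of n payloads of one type; stored count via *stored. */
int run_scenario(bool use_fixed, size_t n, uint8_t type, size_t *stored) {
    uint8_t buf[4 * (PAYLIMIT + 2)];
    struct msg_digest md;
    memset(&md, 0, sizeof md);
    size_t len = build_chain(buf, sizeof buf, n, type);
    int r = use_fixed ? reassemble_fixed(buf, len, type, &md) : reassemble_buggy(buf, len, type, &md);
    if (stored) *stored = md.digest_roof;
    return r;
}

int main(void) {
    printf("buggy: %d\n", run_scenario(false, PAYLIMIT, PAYLOAD_UNKNOWN, NULL));  /* -4 */
    printf("fixed: %d\n", run_scenario(true, PAYLIMIT, PAYLOAD_UNKNOWN, NULL));   /* 0 */
    return 0;
}
```

The point the model makes is the one in the description: payloads the parser chooses to ignore are still attacker-controlled slot consumption, and a PASSERT on attacker-controlled input is a crash oracle (CWE-617) rather than a bounds check. In pluto the abort is followed by a supervisor restart, hence "crash and restart", and the only way to make the check safe is the one reassemble_fixed takes: stop storing what you ignore and reject the message when the limit is reached.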

CWE CWE-193 (Off-by-one Error), CWE-617 (Reachable Assertion)
Vendor the libreswan project
Product libreswan
Published Jul 2, 2026

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Affected Versions

The Libreswan Project / libreswan
4.6 ≤ version ≤ 5.3

References

NVD · CVE.org · EPSS Data
libreswan.org: https://libreswan.org/security/CVE-2026-12413/CVE-2026-12413.txt
libreswan.org: https://libreswan.org/security/CVE-2026-12413/

Credits

Hu Xinyao