{"id":"AZL-35885","summary":"CVE-2024-2357 affecting package libreswan for versions less than 4.15-1","details":"The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatically added on startup using the auto= keyword, it can cause repeated crashes leading to a Denial of Service.","modified":"2026-04-01T05:12:15.110573Z","published":"2024-03-11T20:15:07Z","upstream":["CVE-2024-2357"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-2357"}],"affected":[{"package":{"name":"libreswan","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/libreswan"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-35885.json"}}],"schema_version":"1.7.5"}