CVE-2019-12312 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2019-12312 Interim 1 28 2026-03-05T06:16:16Z current 2021-05-30T14:28:36Z 2026-03-05T06:16:16Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2019-12312 In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference by initiating an IKEv2 IKE_SA_INIT exchange, followed by a bogus INFORMATIONAL exchange instead of the normallly expected IKE_AUTH exchange. This affects send_v2N_spi_response_from_state() in programs/pluto/ikev2_send.c that will then trigger a NULL pointer dereference leading to a restart of libreswan. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Liberty Linux 8 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise High Performance Computing 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Server 11 SP4 LTSS SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP1 libreswan-3.29-6.el8 strongswan strongswan-doc strongswan-hmac strongswan-ipsec strongswan-libs0 libreswan-3.29-6.el8 as a component of SUSE Liberty Linux 8 strongswan as a component of SUSE Linux Enterprise Desktop 12 SP4 strongswan-doc as a component of SUSE Linux Enterprise Desktop 12 SP4 strongswan-ipsec as a component of SUSE Linux Enterprise Desktop 12 SP4 strongswan-libs0 as a component of SUSE Linux Enterprise Desktop 12 SP4 strongswan as a component of SUSE Linux Enterprise High Performance Computing 12 SP4 strongswan as a component of SUSE Linux Enterprise Module for Basesystem 15 strongswan-doc as a component of SUSE Linux Enterprise Module for Basesystem 15 strongswan-hmac as a component of SUSE Linux Enterprise Module for Basesystem 15 strongswan-ipsec as a component of SUSE Linux Enterprise Module for Basesystem 15 strongswan-libs0 as a component of SUSE Linux Enterprise Module for Basesystem 15 strongswan as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 strongswan-doc as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 strongswan-hmac as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 strongswan-ipsec as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 strongswan-libs0 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 strongswan as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata strongswan as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata strongswan as a component of SUSE Linux Enterprise Server 11 SP4 LTSS strongswan as a component of SUSE Linux Enterprise Server 12 SP1-LTSS strongswan-doc as a component of SUSE Linux Enterprise Server 12 SP1-LTSS strongswan-hmac as a component of SUSE Linux Enterprise Server 12 SP1-LTSS strongswan-ipsec as a component of SUSE Linux Enterprise Server 12 SP1-LTSS strongswan-libs0 as a component of SUSE Linux Enterprise Server 12 SP1-LTSS strongswan as a component of SUSE Linux Enterprise Server 12 SP2-LTSS strongswan-doc as a component of SUSE Linux Enterprise Server 12 SP2-LTSS strongswan-hmac as a component of SUSE Linux Enterprise Server 12 SP2-LTSS strongswan-ipsec as a component of SUSE Linux Enterprise Server 12 SP2-LTSS strongswan-libs0 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS strongswan as a component of SUSE Linux Enterprise Server 12 SP3-BCL strongswan-doc as a component of SUSE Linux Enterprise Server 12 SP3-BCL strongswan-hmac as a component of SUSE Linux Enterprise Server 12 SP3-BCL strongswan-ipsec as a component of SUSE Linux Enterprise Server 12 SP3-BCL strongswan-libs0 as a component of SUSE Linux Enterprise Server 12 SP3-BCL strongswan as a component of SUSE Linux Enterprise Server 12 SP3-LTSS strongswan-doc as a component of SUSE Linux Enterprise Server 12 SP3-LTSS strongswan-hmac as a component of SUSE Linux Enterprise Server 12 SP3-LTSS strongswan-ipsec as a component of SUSE Linux Enterprise Server 12 SP3-LTSS strongswan-libs0 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS strongswan as a component of SUSE Linux Enterprise Server 12 SP4 strongswan-doc as a component of SUSE Linux Enterprise Server 12 SP4 strongswan-hmac as a component of SUSE Linux Enterprise Server 12 SP4 strongswan-ipsec as a component of SUSE Linux Enterprise Server 12 SP4 strongswan-libs0 as a component of SUSE Linux Enterprise Server 12 SP4 strongswan as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 strongswan-doc as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 strongswan-hmac as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 strongswan-ipsec as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 strongswan-libs0 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 strongswan as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 strongswan-doc as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 strongswan-hmac as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 strongswan-ipsec as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 strongswan-libs0 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 strongswan as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 strongswan-doc as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 strongswan-hmac as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 strongswan-ipsec as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 strongswan-libs0 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference by initiating an IKEv2 IKE_SA_INIT exchange, followed by a bogus INFORMATIONAL exchange instead of the normallly expected IKE_AUTH exchange. This affects send_v2N_spi_response_from_state() in programs/pluto/ikev2_send.c that will then trigger a NULL pointer dereference leading to a restart of libreswan. CVE-2019-12312 SUSE Liberty Linux 8:libreswan-3.29-6.el8 SUSE Linux Enterprise Desktop 12 SP4:strongswan SUSE Linux Enterprise Desktop 12 SP4:strongswan-doc SUSE Linux Enterprise Desktop 12 SP4:strongswan-ipsec SUSE Linux Enterprise Desktop 12 SP4:strongswan-libs0 SUSE Linux Enterprise High Performance Computing 12 SP4:strongswan SUSE Linux Enterprise Module for Basesystem 15 SP1:strongswan SUSE Linux Enterprise Module for Basesystem 15 SP1:strongswan-doc SUSE Linux Enterprise Module for Basesystem 15 SP1:strongswan-hmac SUSE Linux Enterprise Module for Basesystem 15 SP1:strongswan-ipsec SUSE Linux Enterprise Module for Basesystem 15 SP1:strongswan-libs0 SUSE Linux Enterprise Module for Basesystem 15:strongswan SUSE Linux Enterprise Module for Basesystem 15:strongswan-doc SUSE Linux Enterprise Module for Basesystem 15:strongswan-hmac SUSE Linux Enterprise Module for Basesystem 15:strongswan-ipsec SUSE Linux Enterprise Module for Basesystem 15:strongswan-libs0 SUSE Linux Enterprise Server 11 SP1 for Teradata:strongswan SUSE Linux Enterprise Server 11 SP3 for Teradata:strongswan SUSE Linux Enterprise Server 11 SP4 LTSS:strongswan SUSE Linux Enterprise Server 12 SP1-LTSS:strongswan SUSE Linux Enterprise Server 12 SP1-LTSS:strongswan-doc SUSE Linux Enterprise Server 12 SP1-LTSS:strongswan-hmac SUSE Linux Enterprise Server 12 SP1-LTSS:strongswan-ipsec SUSE Linux Enterprise Server 12 SP1-LTSS:strongswan-libs0 SUSE Linux Enterprise Server 12 SP2-LTSS:strongswan SUSE Linux Enterprise Server 12 SP2-LTSS:strongswan-doc SUSE Linux Enterprise Server 12 SP2-LTSS:strongswan-hmac SUSE Linux Enterprise Server 12 SP2-LTSS:strongswan-ipsec SUSE Linux Enterprise Server 12 SP2-LTSS:strongswan-libs0 SUSE Linux Enterprise Server 12 SP3-BCL:strongswan SUSE Linux Enterprise Server 12 SP3-BCL:strongswan-doc SUSE Linux Enterprise Server 12 SP3-BCL:strongswan-hmac SUSE Linux Enterprise Server 12 SP3-BCL:strongswan-ipsec SUSE Linux Enterprise Server 12 SP3-BCL:strongswan-libs0 SUSE Linux Enterprise Server 12 SP3-LTSS:strongswan SUSE Linux Enterprise Server 12 SP3-LTSS:strongswan-doc SUSE Linux Enterprise Server 12 SP3-LTSS:strongswan-hmac SUSE Linux Enterprise Server 12 SP3-LTSS:strongswan-ipsec SUSE Linux Enterprise Server 12 SP3-LTSS:strongswan-libs0 SUSE Linux Enterprise Server 12 SP4:strongswan SUSE Linux Enterprise Server 12 SP4:strongswan-doc SUSE Linux Enterprise Server 12 SP4:strongswan-hmac SUSE Linux Enterprise Server 12 SP4:strongswan-ipsec SUSE Linux Enterprise Server 12 SP4:strongswan-libs0 SUSE Linux Enterprise Server for SAP Applications 12 SP2:strongswan SUSE Linux Enterprise Server for SAP Applications 12 SP2:strongswan-doc SUSE Linux Enterprise Server for SAP Applications 12 SP2:strongswan-hmac SUSE Linux Enterprise Server for SAP Applications 12 SP2:strongswan-ipsec SUSE Linux Enterprise Server for SAP Applications 12 SP2:strongswan-libs0 SUSE Linux Enterprise Server for SAP Applications 12 SP3:strongswan SUSE Linux Enterprise Server for SAP Applications 12 SP3:strongswan-doc SUSE Linux Enterprise Server for SAP Applications 12 SP3:strongswan-hmac SUSE Linux Enterprise Server for SAP Applications 12 SP3:strongswan-ipsec SUSE Linux Enterprise Server for SAP Applications 12 SP3:strongswan-libs0 SUSE Linux Enterprise Server for SAP Applications 12 SP4:strongswan SUSE Linux Enterprise Server for SAP Applications 12 SP4:strongswan-doc SUSE Linux Enterprise Server for SAP Applications 12 SP4:strongswan-hmac SUSE Linux Enterprise Server for SAP Applications 12 SP4:strongswan-ipsec SUSE Linux Enterprise Server for SAP Applications 12 SP4:strongswan-libs0 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P 4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L