CVE-2026-14957

Public on 2026-07-18
Modified on 2026-07-18
Description
In Libreswan before 5.3.2, when the operating system and Libreswan are running in FIPS mode and at least one CA certificate is loaded, a malformed X.509 certificate payload can cause the pluto daemon to abort on an assertion. In FIPS mode, add_decoded_cert() calls CERT_ExtractPublicKey() and asserts the result is non-NULL, but the function returns NULL when public key extraction fails (for example when the RSA exponent is 0), triggering the assertion failure. A remote, unauthenticated attacker can send such a corrupt CERT payload (over IKEv1 or IKEv2) before authentication completes, crashing and restarting the daemon; repeated sending causes a sustained denial of service. Remote code execution is not possible. Versions 3.0 through 5.3.1 are affected.
Severity
Medium severity
Medium
See what this means
CVSS v3 Base Score
5.9
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2 - Core NetworkManager-libreswan Not Affected
Amazon Linux 2 - Core libreswan Pending Fix
Amazon Linux 2023 libreswan Pending Fix

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H