Description
Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd temporary file.
References (4)
Core 4
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/56276
Vendor Advisory mailing-list
x_refsource_mlist
https://lists.libreswan.org/pipermail/swan-announce/2013/000007.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/101575
Exploit, Patch x_refsource_confirm
https://github.com/libreswan/libreswan/commit/ef2d756e73a188401c36133c2e2f7ce4f3c6ae55
Scores
EPSS
0.0163
EPSS Percentile
73.1%
Details
CWE
CWE-362
Status
published
Products (1)
libreswan/libreswan
3.6
Published
Jan 09, 2014
Tracked Since
Feb 18, 2026