Openswan · Openswan · CVE-2014-2037
**Name of the Vulnerable Software and Affected Versions**
Openswan version 2.6.40
**Description**
The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and IKE daemon restart, via IKEv2 packets that lack expected payloads. This problem exists due to an incomplete fix for a previous issue.
**Recommendations**
For Openswan version 2.6.40, at the moment, there is no information about a newer version that contains a fix for this vulnerability.