Myozcamo

**Name of the Vulnerable Software and Affected Versions** Libreswan versions 4.2 through 4.5 **Description** The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and daemon crash, via a crafted IKEv1 packet. This occurs because the pluto/ikev1.c file wrongly expects that a state object exists. **Recommendations** For versions 4.2 through 4.5, update to version 4.6 to resolve the issue. As a temporary workaround, consider restricting access to the IKEv1 packet handling functionality until the update is applied.