A flaw was found in Libreswan, where it was identified to contain an assertion failure issue in the compute_proto_keymat() function. The vulnerability can be exploited when an IKEv1 connection is loaded with an AH/ESP default setting when no esp= line is present in the connection. This flaw allows an authenticated attacker to send the bogus AES-GMAC proposal request, triggering the issue and causing Libreswan to crash and restart. When this connection is automatically added on startup using the auto= keyword, it can cause repeated crashes, leading to a denial of service. No remote code execution is possible.
An esp= line using a common IKEv1 algorithm list can be added to all IKEv1 based connections. An example of such an esp= line could be:
esp=aes-sha2_512,aes-sha1,aes-sha2_256,aes-md5,3des-sha1,3des-md5