{"id":"UBUNTU-CVE-2019-10155","details":"The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.","modified":"2025-10-24T04:47:36Z","published":"2019-06-12T14:29:00Z","upstream":["CVE-2019-10155"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-10155"},{"type":"REPORT","url":"https://libreswan.org/security/CVE-2019-10155/"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2019-10155"}],"affected":[{"package":{"name":"libreswan","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/libreswan@3.23-4?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.20-7build1","3.21-2","3.22-1","3.22-2","3.22-3","3.22-4","3.23-1","3.23-4"],"ecosystem_specific":{"binaries":[{"binary_version":"3.23-4","binary_name":"libreswan"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-10155.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"low"}]}