View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-10396 severity moderate: SUSE including 4 source package names (ipsec-tools, ipsec-tools-0.7.3-1.38.3.1, ipsec-tools-0.8.0-19.3.1, ipsec-tools-0.8.2-5.35), 35 product×package rows across 34 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (34 product lines)): Fixed 21, Known Not Affected 14.
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in a particular order such that the worst-case computational complexity is realized in the algorithm utilized to determine if reassembly of the fragments can take place.