View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-5361 severity moderate: SUSE including 6 source package names (libreswan-3.15-8.el7, strongswan, strongswan-doc, strongswan-hmac, strongswan-ipsec, strongswan-libs0), 44 product×package rows across 16 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (16 product lines)): Known Not Affected 43, Fixed 1.
programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed UDP packet. NOTE: the original behavior complies with the IKEv1 protocol, but has a required security update from the libreswan vendor; as of 2016-06-10, it is expected that several other IKEv1 implementations will have vendor-required security updates, with separate CVE IDs assigned to each.