PT-2023-18792 · Libreswan+4

Tej Rathi · Published 2023-05-09 · Updated 2025-01-22 · CVE-2023-2295

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: libreswan (affected versions not specified)

Description: A security issue was found in the libreswan library. This occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received in which the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This issue exists due to a security regression in the libreswan package.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Tags: RCE, Resource Exhaustion


Weakness Enumeration

Related identifiers

ALSA-2023:3107
ALSA-2023:3148
CESA-2023_3107
CVE-2023-2295
RHSA-2023:3107
RHSA-2023:3148
RHSA-2023_3107
RHSA-2023_3148
RHSA-2024:10594
RLSA-2023:3107

Affected products

Almalinux
Centos
Red Hat
Rocky Linux
Libreswan