PT-2023-18792 · Libreswan+4 · Libreswan+4

Tej Rathi

Published

2023-05-09

Updated

2025-01-22

CVE-2023-2295

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libreswan (affected versions not specified)

Description A security issue was found in the libreswan library. This occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This issue exists due to a security regression in the libreswan package.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

ALSA-2023:3107

ALSA-2023:3148

CESA-2023_3107

CVE-2023-2295

RHSA-2023:3107

RHSA-2023:3148

RHSA-2023_3107

RHSA-2023_3148

RHSA-2024:10594

RLSA-2023:3107

Affected Products

Almalinux

Centos

Red Hat

Rocky Linux

Libreswan

PT-2023-18792 · Libreswan+4 · Libreswan+4

CVE-2023-2295

Weakness Enumeration

Related Identifiers

Affected Products

References · 20