
CVE-2023-2295 | CVSS: 7.5 | EPSS: 0% | CPEs: 9 | EXPL: 0

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms and the response packet is not sent with a zero responder SPI. When a subsequent packet is received in which the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a security regression of CVE-2023-30570 in the libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.

References:
https://access.redhat.com/errata/RHSA-2023:3107
https://access.redhat.com/errata/RHSA-2023:3148
https://access.redhat.com/security/cve/CVE-2023-2295
https://bugzilla.redhat.com/show_bug.cgi?id=2189777

CWE-400: Uncontrolled Resource Consumption

CVE-2023-30570 | CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28. A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms and the response packet is not sent with a zero responder SPI. When a subsequent packet is received in which the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes.

References:
https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt
https://access.redhat.com/security/cve/CVE-2023-30570
https://bugzilla.redhat.com/show_bug.cgi?id=2187165

CWE-400: Uncontrolled Resource Consumption
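The two entries above (CVE-2023-30570 and its regression CVE-2023-2295) describe the same wire-level pattern: the responder puts a non-zero responder SPI on its reply, and a later packet presents that value as the initiator SPI. The following detector is an added example, not libreswan or Red Hat code. It parses the fixed 28-byte ISAKMP header (RFC 2408 section 3.1) and flags any inbound packet whose initiator SPI matches a responder SPI the monitored pluto host has previously sent out; since a genuine initiator picks its own 8-byte SPI at random, such a match is the reuse pattern rather than a coincidence. The direction of each packet is assumed to be supplied by the caller (for instance from a capture filter on the VPN gateway's address), the exchange type used for the rejecting reply is not stated in the advisory and the detector does not depend on it, and the packets at the bottom are constructed for the demonstration.

```python
"""Heuristic detector for the IKEv1 responder-SPI reuse pattern behind
CVE-2023-30570 / CVE-2023-2295 (added example; not libreswan code).

Works on raw ISAKMP headers: initiator SPI (8), responder SPI (8), next
payload, version, exchange type, flags, message ID (4), length (4).
The caller supplies each packet with its direction relative to the
monitored responder. Demo packets below are constructed, not captured.
"""
import struct
from dataclasses import dataclass

ISAKMP_HDR = struct.Struct("!8s8sBBBBII")  # 28-byte fixed header
IKEV1_VERSION = 0x10                        # major 1, minor 0
EXCH_AGGRESSIVE = 4
EXCH_INFORMATIONAL = 5
ZERO_SPI = bytes(8)


@dataclass(frozen=True)
class IsakmpHeader:
    ispi: bytes
    rspi: bytes
    next_payload: int
    version: int
    exchange: int
    flags: int
    message_id: int
    length: int


def parse_header(pkt: bytes) -> IsakmpHeader:
    """Decode the fixed header and sanity-check its length field."""
    if len(pkt) < ISAKMP_HDR.size:
        raise ValueError("truncated ISAKMP header")
    hdr = IsakmpHeader(*ISAKMP_HDR.unpack_from(pkt))
    if not ISAKMP_HDR.size <= hdr.length <= len(pkt):
        raise ValueError("ISAKMP length field disagrees with packet size")
    return hdr


class SpiReuseDetector:
    """Remember every responder SPI our responder put on the wire and flag
    any inbound packet that presents one of them as its initiator SPI."""

    def __init__(self) -> None:
        self.issued: dict = {}  # responder SPI -> peer it was sent to

    def observe(self, direction: str, peer: str, pkt: bytes) -> list:
        hdr = parse_header(pkt)
        alerts = []
        if hdr.version != IKEV1_VERSION:
            return alerts  # IKEv2 shares the header layout but not this bug
        if direction == "out":
            # An unpatched responder also sets a non-zero rSPI on the reply
            # that rejects unacceptable proposals, which is the precondition
            # the advisory describes; record every non-zero rSPI we emit.
            if hdr.rspi != ZERO_SPI:
                self.issued[hdr.rspi] = peer
        elif direction == "in":
            if hdr.ispi in self.issued:
                alerts.append(
                    f"{peer}: initiator SPI {hdr.ispi.hex()} was issued by us as a "
                    f"responder SPI to {self.issued[hdr.ispi]} "
                    f"(exchange type {hdr.exchange})"
                )
        else:
            raise ValueError("direction must be 'in' or 'out'")
        return alerts


def build_packet(ispi: bytes, rspi: bytes, exchange: int, body: bytes = b"") -> bytes:
    """Assemble a minimal ISAKMP message (constructed test input)."""
    return ISAKMP_HDR.pack(ispi, rspi, 1, IKEV1_VERSION, exchange, 0, 0,
                           ISAKMP_HDR.size + len(body)) + body


# Constructed demo exchange: a peer opens Aggressive Mode, pluto replies with a
# non-zero responder SPI, and the peer then echoes that value as its initiator SPI.
PEER = "198.51.100.7"                                    # constructed address
PEER_ISPI = bytes.fromhex("a1a1a1a1a1a1a1a1")            # constructed SPI
PLUTO_RSPI = bytes.fromhex("5eed5eed5eed5eed")           # constructed SPI
PKT_AGGR_INIT = build_packet(PEER_ISPI, ZERO_SPI, EXCH_AGGRESSIVE, bytes(8))
PKT_REPLY = build_packet(PEER_ISPI, PLUTO_RSPI, EXCH_INFORMATIONAL)
PKT_FOLLOWUP = build_packet(PEER_ISPI, PLUTO_RSPI, EXCH_AGGRESSIVE)  # normal continuation
PKT_REUSE = build_packet(PLUTO_RSPI, ZERO_SPI, EXCH_AGGRESSIVE)      # the reuse pattern


def run_demo() -> list:
    det = SpiReuseDetector()
    alerts = []
    for direction, pkt in [("in", PKT_AGGR_INIT), ("out", PKT_REPLY),
                           ("in", PKT_FOLLOWUP), ("in", PKT_REUSE)]:
        alerts += det.observe(direction, PEER, pkt)
    return alerts


if __name__ == "__main__":
    for line in run_demo():
        print("ALERT", line)
```

Only the last packet of the demo raises an alert; the legitimate continuation, which carries pluto's SPI in the responder field rather than the initiator field, does not. On a patched responder the rejecting reply carries a zero responder SPI, so nothing is recorded for that peer and the reuse packet would be flagged only if an earlier, accepted negotiation had issued the SPI.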

CVE-2023-23009 | CVSS: 6.5 | EPSS: 0% | CPEs: 2 | EXPL: 1

Libreswan 4.9 allows remote attackers to cause a denial of service (assertion failure and daemon restart) via a crafted TS payload with an incorrect selector length. A flaw was found in the Libreswan package. A crafted TS payload with an incorrect selector length may allow a remote attacker to cause a denial of service.

References:
https://github.com/libreswan/libreswan/issues/954
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MFOIQX2LRL43P3GJT33DE7G7COHNXDN
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSMYJH7MC2FZGCY5NH5AXULO3ISXIHOF
https://www.debian.org/security/2023/dsa-5368
https://access.redhat.com/security/cve/CVE-2023-23009
https://bugzilla.redhat.com/show_bug.cgi?id=2173610

CWE-20: Improper Input Validation
CWE-400: Uncontrolled Resource Consumption
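The entry above says only that a TS payload with an incorrect selector length trips an assertion; it does not say which check in libreswan fails. The parser below is an added example, not libreswan's code, showing the validation a responder needs on an IKEv2 Traffic Selector payload (RFC 7296 section 3.13) so that a malformed selector length is rejected with an ordinary error and the message dropped, rather than being trusted and later asserted on. The selector lengths it enforces are fixed by the TS type (16 bytes for TS_IPV4_ADDR_RANGE, 40 for TS_IPV6_ADDR_RANGE); the sample payloads are constructed here, including two with deliberately wrong selector lengths.

```python
"""Defensive parser for an IKEv2 Traffic Selector (TS) payload, RFC 7296 s.3.13.
Added example, not libreswan code. Layout: generic payload header (next payload,
critical/reserved, length, number of TSs, 3 reserved bytes) followed by
selectors of (TS type, IP protocol ID, selector length, start port, end port,
start address, end address). Sample payloads below are constructed."""
import ipaddress
import struct
from dataclasses import dataclass
from typing import Union

TS_IPV4_ADDR_RANGE = 7
TS_IPV6_ADDR_RANGE = 8
PAYLOAD_HDR = struct.Struct("!BBHB3x")   # next, crit/rsvd, length, count, reserved
SELECTOR_HDR = struct.Struct("!BBHHH")   # type, proto, selector length, start/end port
# Selector length is fixed per type: 8-byte selector header + two addresses.
EXPECTED_SELECTOR_LEN = {TS_IPV4_ADDR_RANGE: 8 + 2 * 4, TS_IPV6_ADDR_RANGE: 8 + 2 * 16}

Address = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]


class TsPayloadError(ValueError):
    """Any malformed TS payload; the caller should drop the message, not assert."""


@dataclass(frozen=True)
class TrafficSelector:
    ts_type: int
    protocol: int
    start_port: int
    end_port: int
    start_addr: Address
    end_addr: Address


def parse_ts_payload(data: bytes) -> list:
    if len(data) < PAYLOAD_HDR.size:
        raise TsPayloadError("payload shorter than generic header")
    _next, _flags, length, count = PAYLOAD_HDR.unpack_from(data)
    if length < PAYLOAD_HDR.size or length > len(data):
        raise TsPayloadError(f"payload length {length} inconsistent with {len(data)} bytes")
    if count == 0:
        raise TsPayloadError("TS payload must carry at least one selector")
    off, selectors = PAYLOAD_HDR.size, []
    for i in range(count):
        if length - off < SELECTOR_HDR.size:
            raise TsPayloadError(f"selector {i}: header runs past payload end")
        ts_type, proto, sel_len, sport, eport = SELECTOR_HDR.unpack_from(data, off)
        expected = EXPECTED_SELECTOR_LEN.get(ts_type)
        if expected is None:
            raise TsPayloadError(f"selector {i}: unknown TS type {ts_type}")
        # The check that matters here: the sender's length must match the
        # size fixed by the TS type, and the selector must fit in the payload.
        if sel_len != expected:
            raise TsPayloadError(f"selector {i}: length {sel_len} != {expected} for type {ts_type}")
        if off + sel_len > length:
            raise TsPayloadError(f"selector {i}: body runs past payload end")
        if sport > eport:
            raise TsPayloadError(f"selector {i}: start port exceeds end port")
        addr_len = (sel_len - SELECTOR_HDR.size) // 2
        a = off + SELECTOR_HDR.size
        start = ipaddress.ip_address(data[a:a + addr_len])
        end = ipaddress.ip_address(data[a + addr_len:a + 2 * addr_len])
        if start > end:
            raise TsPayloadError(f"selector {i}: start address exceeds end address")
        selectors.append(TrafficSelector(ts_type, proto, sport, eport, start, end))
        off += sel_len
    if off != length:
        raise TsPayloadError(f"{length - off} trailing bytes after last selector")
    return selectors


def build_selector(ts_type, proto, sel_len, sport, eport, start, end) -> bytes:
    """Constructed test helper; sel_len is written verbatim so bad values can be produced."""
    return SELECTOR_HDR.pack(ts_type, proto, sel_len, sport, eport) + start.packed + end.packed


def build_ts_payload(selectors: list) -> bytes:
    body = b"".join(selectors)
    return PAYLOAD_HDR.pack(0, 0, PAYLOAD_HDR.size + len(body), len(selectors)) + body


ip = ipaddress.ip_address
GOOD_PAYLOAD = build_ts_payload([
    build_selector(TS_IPV4_ADDR_RANGE, 0, 16, 0, 65535, ip("10.0.0.0"), ip("10.0.0.255")),
    build_selector(TS_IPV6_ADDR_RANGE, 0, 40, 0, 65535, ip("2001:db8::"), ip("2001:db8::ffff")),
])
# Crafted: selector length claims 24 bytes for an IPv4 range, which is fixed at 16.
BAD_LEN_PAYLOAD = build_ts_payload([
    build_selector(TS_IPV4_ADDR_RANGE, 0, 24, 0, 65535, ip("10.0.0.0"), ip("10.0.0.255")),
])
# Crafted: selector length undersized, so addresses would be read from the wrong offset.
SHORT_LEN_PAYLOAD = build_ts_payload([
    build_selector(TS_IPV4_ADDR_RANGE, 0, 8, 0, 65535, ip("10.0.0.0"), ip("10.0.0.255")),
])


def check(payload: bytes) -> str:
    """Summarise the parser's verdict for a payload."""
    try:
        sels = parse_ts_payload(payload)
        return f"ok: {len(sels)} selector(s)"
    except TsPayloadError as exc:
        return f"rejected: {exc}"


if __name__ == "__main__":
    for name, p in [("good", GOOD_PAYLOAD), ("bad_len", BAD_LEN_PAYLOAD), ("short_len", SHORT_LEN_PAYLOAD)]:
        print(name, check(p))
```

The parser never lets a sender-supplied length drive a read: every selector is bounded both by the type's fixed size and by the payload length already validated against the buffer, and a mismatch becomes a caught `TsPayloadError` instead of an assertion that would restart the daemon.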