
2223 matches found

Tenable Nessus
added 2023/05/30 12:0 a.m. | 73 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 : OpenSSL vulnerabilities (USN-6119-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6119-1 advisory. Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possib...

CVSS 6.5 | AI score 7.1 | EPSS 0.91789
Exploits: 0 | References: 3

UbuntuCve
added 2023/05/30 12:0 a.m. | 113 views

CVE-2023-2650

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

CVSS 6.5 | AI score 6.7 | EPSS 0.91789
Exploits: 0 | References: 6

Tenable Nessus
added 2023/05/24 12:0 a.m. | 26 views

Oracle Linux 8 : libreswan (ELSA-2023-3107)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-3107 advisory. - Fix CVE-2023-30570: Malicious IKEv1 Aggressive Mode packets can crash libreswan Tenable has extracted the preceding description block directly from the Oracle...

CVSS 7.5 | AI score 6.8 | EPSS 0.04422
Exploits: 0 | References: 2

Tenable Nessus
added 2023/05/19 12:0 a.m. | 17 views

AlmaLinux 8 : libreswan (ALSA-2023:3107)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3107 advisory. - A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto...

CVSS 7.5 | AI score 7.5 | EPSS 0.04422
Exploits: 0 | References: 2

Tenable Nessus
added 2023/05/18 12:0 a.m. | 27 views

Rocky Linux 8 : libreswan (RLSA-2023:3107)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:3107 advisory. - A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto...

CVSS 7.5 | AI score 7.5 | EPSS 0.04422
Exploits: 0 | References: 3

Tenable Nessus
added 2023/05/18 12:0 a.m. | 19 views

AlmaLinux 9 : libreswan (ALSA-2023:3148)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3148 advisory. - A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto...

CVSS 7.5 | AI score 7.5 | EPSS 0.04422
Exploits: 0 | References: 2

Prion
added 2023/05/17 11:15 p.m. | 20 views

Remote code execution

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 5 | AI score 7.8 | EPSS 0.04422
Exploits: 0 | References: 4 | Affected Software: 5

CVE
added 2023/05/17 12:0 a.m. | 127 views

CVE-2023-2295

Libreswan pluto vulnerability (CVE-2023-2295): via IKEv1 Aggressive Mode, a packet with unacceptable crypto algs and missing zero responder SPI can cause the pluto state machine to crash when a later packet reuses the responder SPI as the initiator SPI. No remote code execution is described. This...

CVSS 7.5 | AI score 7.7 | EPSS 0.04422
Exploits: 0 | References: 4 | Affected Software: 1

UbuntuCve
added 2023/05/17 12:0 a.m. | 36 views

CVE-2023-2295

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 7.5 | AI score 7.3 | EPSS 0.04422
Exploits: 0 | References: 2

Tenable Nessus
added 2023/05/17 12:0 a.m. | 35 views

Oracle Linux 9 : libreswan (ELSA-2023-3148)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-3148 advisory. - Fix CVE-2023-30570: Malicious IKEv1 Aggressive Mode packets can crash libreswan Tenable has extracted the preceding description block directly from the Oracle...

CVSS 7.5 | AI score 6.8 | EPSS 0.04422
Exploits: 0 | References: 2

RedHat Linux
added 2023/05/16 8:43 a.m. | 3 views

kernel: race condition in xfrm_probe_algs can lead to OOB read/write

A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

CVSS 7 | AI score 6.6 | EPSS 0.00012
Exploits: 0 | References: 5

Fedora
added 2023/05/11 1:53 a.m. | 27 views

[SECURITY] Fedora 37 Update: vtk-9.1.0-18.fc37

VTK is an open-source software system for image processing, 3D graphics, volume rendering and visualization. VTK includes many advanced algorithms e.g., surface reconstruction, implicit modeling, decimation and rendering techniques e.g., hardware-accelerated volume rendering, LOD control. NOTE: T...

CVSS 7.5 | AI score 7.4 | EPSS 0.00483
Exploits: 1

OpenVAS
added 2023/05/10 12:0 a.m. | 25 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1862)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8 | AI score 8.1 | EPSS 0.00179
Exploits: 2 | References: 2

RedHat Linux
added 2023/05/09 11:16 a.m. | 3 views

openssh: the functions order_hostkeyalgs() and list_hostkey_types() leads to double-free vulnerability

A flaw was found in the OpenSSH server (sshd), which introduced a double-free vulnerability during options.kex_algorithms handling. An unauthenticated attacker can trigger the double-free in the default configuration...

CVSS 6.5 | AI score 7.2 | EPSS 0.88329
Exploits: 10 | References: 8

Cvelist
added 2023/05/06 1:38 a.m. | 19 views

CVE-2022-22313 IBM QRadar Data Synchronization App information disclosure

IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 217370...

CVSS 4.4 | AI score 7.3 | EPSS 0.00134
Exploits: 0 | References: 2

Vulnrichment
added 2023/05/06 1:38 a.m. | 10 views

CVE-2022-22313 IBM QRadar Data Synchronization App information disclosure

IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 217370...

CVSS 4.4 | AI score 7.7 | EPSS 0.00134
Exploits: 0 | References: 2

RedhatCVE
added 2023/05/05 8:51 a.m. | 31 views

CVE-2023-2295

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 7.5 | AI score 7 | EPSS 0.04422
Exploits: 0 | References: 3

RedHat Linux
added 2023/05/04 1:19 p.m. | 4 views

libreswan: Malicious IKEv1 Aggressive Mode packets can crash libreswan

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 7.5 | AI score 6.4 | EPSS 0.00185
Exploits: 0 | References: 6

RedHat Linux
added 2023/05/04 1:3 p.m. | 2 views

libreswan: Malicious IKEv1 Aggressive Mode packets can crash libreswan

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 7.5 | AI score 6.4 | EPSS 0.00185
Exploits: 0 | References: 6

RedhatCVE
added 2023/05/04 4:51 a.m. | 28 views

CVE-2023-30570

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

CVSS 7.5 | AI score 7.7 | EPSS 0.00185
Exploits: 0 | References: 5