23 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 5 views

Astra Linux - vulnerability in linux-5.15

An issue was discovered in the Linux kernel before version 6.3.9. ksmbd does not validate the SMB request protocol ID, resulting in an out-of-bounds read...

CVSS 9.1 | AI score 6.7 | EPSS 0.0008
Exploits 0 | References 2
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2023-42485

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.4 | EPSS 0.00062
Exploits 0 | References 2
RedHat Linux
added 2025/01/14 10:48 a.m. | 3 views

libreswan: Invalid IKEv2 REKEY proposal causes restart

An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALID_SPI is sent back. The notify payload's protocol ID is copied from...

CVSS 6.5 | AI score 5.8 | EPSS 0.00062
Exploits 0 | References 6
RedHat Linux
added 2025/01/02 6:44 p.m. | 3 views

libreswan: Invalid IKEv2 REKEY proposal causes restart

An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALID_SPI is sent back. The notify payload's protocol ID is copied from...

CVSS 6.5 | AI score 5.8 | EPSS 0.00062
Exploits 0 | References 6
Tenable Nessus
added 2024/07/03 12:0 a.m. | 19 views

CBL Mariner 2.0 Security Update: libreswan (CVE-2023-38710)

The version of libreswan installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-38710 advisory. - An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid...

CVSS 6.5 | AI score 6.6 | EPSS 0.00062
Exploits 0 | References 2
Mageia
added 2024/03/24 4:57 a.m. | 77 views

Updated libreswan packages fix security vulnerabilities

The updated package fixes security vulnerabilities: pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. CVE-2023-30570 An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY...

CVSS 7.5 | AI score 7.3 | EPSS 0.00185
Exploits 0 | References 7
RedHat Linux
added 2023/11/07 8:17 a.m. | 1 views

libreswan: Invalid IKEv2 REKEY proposal causes restart

An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALID_SPI is sent back. The notify payload's protocol ID is copied from...

CVSS 6.5 | AI score 5.8 | EPSS 0.00062
Exploits 0 | References 6
Tenable Nessus
added 2023/11/07 12:0 a.m. | 22 views

RHEL 9 : libreswan (RHSA-2023:6549)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6549 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide...

CVSS 6.5 | AI score 6.6 | EPSS 0.00107
Exploits 0 | References 10
Microsoft CVE
added 2023/08/26 7:0 a.m. | 2 views

An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1 an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.

...

CVSS 6.5 | AI score 6.5 | EPSS 0.00062
Exploits 0
OSV
added 2023/08/25 9:15 p.m. | 2 views

AZL-34935 CVE-2023-38710 affecting package libreswan for versions less than 4.7-6

An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets...

CVSS 6.5 | AI score 6.6 | EPSS 0.00062
Exploits 0 | References 1
CNNVD
added 2023/08/25 12:0 a.m. | 1 views

Libreswan security vulnerability

Libreswan is an IPsec implementation similar to Openswan, which is mainly used to ensure security and integrity issues in data transmission. A security vulnerability exists in Libreswan versions prior to 4.12, which stems from an error notification INVALID_SPI being sent in a renegotiation REKEY...

CVSS 6.5 | AI score 6.4 | EPSS 0.00062
Exploits 0 | References 3
CVE
added 2023/08/25 12:0 a.m. | 97 views

CVE-2023-38710

CVE-2023-38710 affects Libreswan prior to 4.12. The issue occurs when an IKEv2 Child SA REKEY packet carries an invalid IPsec protocol ID (0 or 1); the notify payload copies the ID but the outgoing verify code asserts that the protocol ID must be ESP (2) or AH (3), causing the pluto daemon to cra...

CVSS 6.5 | AI score 6.5 | EPSS 0.00062
Exploits 0 | References 2 | Affected Software 1
Debian CVE
added 2023/08/25 12:0 a.m. | 17 views

CVE-2023-38710

An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets...

CVSS 6.5 | AI score 6.5 | EPSS 0.00062
Exploits 0
AlpineLinux
added 2023/08/25 12:0 a.m. | 115 views

CVE-2023-38710

An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets...

CVSS 6.5 | AI score 6.7 | EPSS 0.00062
Exploits 0
RedhatCVE
added 2023/08/09 5:49 a.m. | 28 views

CVE-2023-38710

An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALID_SPI is sent back. The notify payload's protocol ID is copied from...

CVSS 6.5 | AI score 6.7 | EPSS 0.00062
Exploits 0 | References 5
Microsoft CVE
added 2023/07/28 7:0 a.m. | 3 views

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID leading to an out-of-bounds read.

...

CVSS 9.1 | AI score 7.1 | EPSS 0.0008
Exploits 0
SUSE CVE
added 2023/07/19 2:2 a.m. | 1 views

SUSE CVE-2023-38430

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read...

CVSS 9.1 | AI score 6.7 | EPSS 0.0008
Exploits 0 | References 3
CNVD
added 2023/07/19 12:0 a.m. | 40 views

Linux kernel input validation error vulnerability (CNVD-2023-62931)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An input validation error vulnerability exists in versions of Linux kernel prior to 6.3.9, which stems from ksmbd not validating the SMB request protocol ID, and can be exploit...

CVSS 9.1 | AI score 6.5 | EPSS 0.0008
Exploits 0 | References 1
NVD
added 2023/07/18 12:15 a.m. | 25 views

CVE-2023-38430

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read...

CVSS 9.1 | EPSS 0.0008
Exploits 0 | References 3
OSV
added 2023/07/18 12:15 a.m. | 1 views

UBUNTU-CVE-2023-38430

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read...

CVSS 9.1 | AI score 6.7 | EPSS 0.0008
Exploits 0 | References 11