Lucene search
Ubuntu.comUB:CVE-2023-2295HistoryMay 17, 2023 - 12:00 a.m.
CVE-2023-2295
2023-05-1700:00:00
ubuntu.com
ubuntu.com
10
vulnerability
libreswan
ikev1 aggressive mode
crypto algorithms
security regression
red hat enterprise linux
0.004 Low
EPSS
Percentile
72.9%
A vulnerability was found in the libreswan library. This security issue
occurs when an IKEv1 Aggressive Mode packet is received with only
unacceptable crypto algorithms, and the response packet is not sent with a
zero responder SPI. When a subsequent packet is received where the sender
reuses the libreswan responder SPI as its own initiator SPI, the pluto
daemon state machine crashes. No remote code execution is possible. This
CVE exists because of a CVE-2023-30570 security regression for libreswan
package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.
Related
prion
prion
Remote code execution
2023-05-17 23:15:00
Code injection
2023-05-29 00:15:00
nessus
nessus
Oracle Linux 9 : libreswan (ELSA-2023-3148)
2023-05-17 00:00:00
RHEL 9 : libreswan (RHSA-2023:3148)
2023-05-17 00:00:00
Oracle Linux 8 : libreswan (ELSA-2023-3107)
2023-05-24 00:00:00
cve
cve
CVE-2023-2295
2023-05-17 23:15:09
CVE-2023-30570
2023-05-29 00:15:09
almalinux
almalinux
Important: libreswan security update
2023-05-16 00:00:00
Important: libreswan security update
2023-05-16 00:00:00
Important: libreswan security update
2023-05-04 00:00:00
cvelist
cvelist
CVE-2023-2295
2023-05-17 00:00:00
CVE-2023-30570
2023-05-28 00:00:00
osv
osv
Important: libreswan security update
2023-05-16 00:00:00
Important: libreswan security update
2023-05-16 00:00:00
Important: libreswan security update
2023-05-18 19:17:56
rocky
rocky
libreswan security update
2023-05-18 19:17:56
redhat
redhat
(RHSA-2023:3148) Important: libreswan security update
2023-05-16 18:42:22
(RHSA-2023:3107) Important: libreswan security update
2023-05-16 10:20:18
(RHSA-2023:2123) Important: libreswan security update
2023-05-04 12:56:15
redhatcve
redhatcve
CVE-2023-2295
2023-05-05 08:51:49
CVE-2023-30570
2023-05-04 04:51:19
cbl_mariner
cbl_mariner
CVE-2023-30570 affecting package libreswan for versions less than 4.14-1
2024-04-09 20:48:36
fedora
fedora
[SECURITY] Fedora 37 Update: libreswan-4.11-1.fc37
2023-05-13 02:28:05
[SECURITY] Fedora 38 Update: libreswan-4.11-1.fc38
2023-05-13 02:27:20
[SECURITY] Fedora 36 Update: libreswan-4.11-1.fc36
2023-05-13 01:21:01
oraclelinux
oraclelinux
libreswan security update
2023-05-05 00:00:00
libreswan security update
2023-05-05 00:00:00
libreswan security update
2023-05-24 00:00:00
veracode
veracode
Null Pointer Dereference
2023-05-14 13:47:10
alpinelinux
alpinelinux
CVE-2023-30570
2023-05-29 00:15:09
debiancve
debiancve
CVE-2023-30570
2023-05-29 00:15:09
ubuntucve
ubuntucve
CVE-2023-30570
2023-05-29 00:00:00
openvas
openvas
Fedora: Security Advisory for libreswan (FEDORA-2023-60faf77aca)
2023-05-14 00:00:00
Fedora: Security Advisory for libreswan (FEDORA-2023-19046bf703)
2023-05-14 00:00:00
Fedora: Security Advisory for libreswan (FEDORA-2023-30f824b8b8)
2023-05-14 00:00:00
mageia
mageia
Updated libreswan packages fix security vulnerabilities
2024-03-24 07:57:19