Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.
References
Configurations
History
21 Nov 2024, 07:45
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/libreswan/libreswan/issues/954 - Exploit, Issue Tracking, Patch | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MFOIQX2LRL43P3GJT33DE7G7COHNXDN/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSMYJH7MC2FZGCY5NH5AXULO3ISXIHOF/ - | |
References | () https://www.debian.org/security/2023/dsa-5368 - Third Party Advisory |
07 Nov 2023, 04:07
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2023-02-21 16:15
Updated : 2024-11-21 07:45
NVD link : CVE-2023-23009
Mitre link : CVE-2023-23009
CVE.ORG link : CVE-2023-23009
JSON object : View
Products Affected
debian
- debian_linux
libreswan
- libreswan
CWE
CWE-400
Uncontrolled Resource Consumption