Skip to main content

Libreswan CVE-2023-2295

HIGH
Uncontrolled Resource Consumption (CWE-400)
2023-05-17 secalert@redhat.com
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
May 17, 2023 - 23:15 nvd
HIGH 7.5

DescriptionNVD

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.

AnalysisAI

A vulnerability was found in the libreswan library. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Uncontrolled Resource Consumption (CWE-400), which allows attackers to cause denial of service by exhausting system resources. A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. Affected products include: Libreswan, Redhat Enterprise Linux, Redhat Enterprise Linux Eus, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Tus.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement rate limiting, set resource quotas, validate input sizes, use timeouts.

CVE-2013-7283 CRITICAL POC
9.3 Jan 09

Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has

CVE-2019-12312 HIGH POC
7.5 May 24

In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. Rated high severity (CVSS 7.5), this vuln

CVE-2023-23009 MEDIUM POC
6.5 Feb 21

Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS pa

CVE-2013-7294 MEDIUM POC
5.0 Jan 16

The ikev2parent_inI1outR1 function in pluto/ikev2_parent.c in libreswan before 3.7 allows remote attackers to cause a de

CVE-2016-3071 HIGH
7.5 Apr 18

Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transfor

CVE-2016-5361 HIGH
7.5 Jun 16

programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers t

CVE-2016-5391 HIGH
7.5 Jun 13

libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon re

CVE-2026-12413 HIGH
7.5 Jul 02

Denial of service in the Libreswan IPsec VPN's pluto daemon allows remote unauthenticated attackers to crash and repeate

CVE-2023-30570 HIGH
7.5 May 29

pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticat

CVE-2020-1763 HIGH
7.5 May 12

An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unau

CVE-2023-38712 MEDIUM
6.5 Aug 25

An issue was discovered in Libreswan 3.x and 4.x before 4.12. Rated medium severity (CVSS 6.5), this vulnerability is re

CVE-2023-38711 MEDIUM
6.5 Aug 25

An issue was discovered in Libreswan before 4.12. Rated medium severity (CVSS 6.5), this vulnerability is remotely explo

Share

CVE-2023-2295 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy