CVE-2023-2295 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-2295 PUBLISHED CVSS 9.300000190734863 CRITICAL

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.

EPSS 1.63% · 81.8th percentile

Risk Scores

CVSS v4.0

9.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS Score

1.63%

81.8th percentile

Affected Products

Vendor	Product	Versions
redhat	enterprise_linux_eus	9.2, 8.8, 9.2
libreswan	libreswan	4.9-1.el8, 4.9-1.el9, 4.9-1.el8
redhat	enterprise_linux_server_tus	8.8, 8.8
redhat	enterprise_linux_server_aus	8.8, 9.2, 8.8
n/a	libreswan	Affects libreswan v4.9-1.el8 and libreswan v4.9-1.el9, Fixed in libreswan v4.9-3.el8_8 and libreswan v4.9-4.el9_2, Affects libreswan v4.9-1.el8 and libreswan v4.9-1.el9, Fixed in libreswan v4.9-3.el8_8 and libreswan v4.9-4.el9_2
redhat	enterprise_linux	9.0, 8.0, 9.0

Timeline

May 17, 2023 CVE Published
May 18, 2023 EPSS Score
Jun 23, 2023 EPSS Score
Jul 29, 2023 EPSS Score
Oct 9, 2023 EPSS Score
Nov 13, 2023 EPSS Score
Dec 19, 2023 EPSS Score
Jan 24, 2024 EPSS Score
Feb 29, 2024 EPSS Score
May 11, 2024 EPSS Score
Jun 16, 2024 EPSS Score
Jul 22, 2024 EPSS Score

References

Open in Interactive Console →