CVE-2023-30570
Summary
| CVE | CVE-2023-30570 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-05-29 00:15:00 UTC |
| Updated | 2023-06-03 04:12:00 UTC |
| Description | pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28. |
Risk And Classification
Problem Types: CWE-400
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt | CONFIRM | libreswan.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 160578 Oracle Enterprise Linux Security Update for libreswan (ELSA-2023-2120)
- 160579 Oracle Enterprise Linux Security Update for libreswan (ELSA-2023-2122)
- 241406 Red Hat Update for libreswan (RHSA-2023:2122)
- 241407 Red Hat Update for libreswan (RHSA-2023:2120)
- 241408 Red Hat Update for libreswan (RHSA-2023:2125)
- 241409 Red Hat Update for libreswan (RHSA-2023:2121)
- 241412 Red Hat Update for libreswan (RHSA-2023:2123)
- 241602 Red Hat Update for libreswan (RHSA-2023:2126)
- 241628 Red Hat Update for libreswan (RHSA-2023:2124)
- 283977 Fedora Security Update for libreswan (FEDORA-2023-30f824b8b8)
- 283978 Fedora Security Update for libreswan (FEDORA-2023-60faf77aca)
- 284149 Fedora Security Update for libreswan (FEDORA-2023-19046bf703)
- 379626 Alibaba Cloud Linux Security Update for libreswan (ALINUX3-SA-2024:0039)
- 502994 Alpine Linux Security Update for libreswan
- 941002 AlmaLinux Security Update for libreswan (ALSA-2023:2122)