CVE-2023-38711
Summary
| CVE | CVE-2023-38711 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-08-25 21:15:00 UTC |
| Updated | 2023-08-31 00:38:00 UTC |
| Description | An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6. |
Risk And Classification
Problem Types: CWE-476
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Index of /security/CVE-2023-38711/ | MISC | libreswan.org | |
| Tags · libreswan/libreswan · GitHub | MISC | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 161115 Oracle Enterprise Linux Security Update for libreswan (ELSA-2023-6549)
- 161181 Oracle Enterprise Linux Security Update for libreswan (ELSA-2023-7052)
- 242396 Red Hat Update for libreswan (RHSA-2023:6549)
- 242409 Red Hat Update for libreswan (RHSA-2023:7052)
- 284426 Fedora Security Update for libreswan (FEDORA-2023-ddd6e6b49b)
- 284427 Fedora Security Update for libreswan (FEDORA-2023-dbc6d8a124)
- 379626 Alibaba Cloud Linux Security Update for libreswan (ALINUX3-SA-2024:0039)
- 506109 Alpine Linux Security Update for libreswan
- 907266 Common Base Linux Mariner (CBL-Mariner) Security Update for libreswan (28065-1)
- 941393 AlmaLinux Security Update for libreswan (ALSA-2023:6549)
- 941474 AlmaLinux Security Update for libreswan (ALSA-2023:7052)