CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-23009

Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.1%

CVSS Severity

CVSS v3 Score 6.5

References

https://github.com/libreswan/libreswan/issues/954
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MFOIQX2LRL43P3GJT33DE7G7COHNXDN/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSMYJH7MC2FZGCY5NH5AXULO3ISXIHOF/
https://www.debian.org/security/2023/dsa-5368
https://github.com/libreswan/libreswan/issues/954
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MFOIQX2LRL43P3GJT33DE7G7COHNXDN/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSMYJH7MC2FZGCY5NH5AXULO3ISXIHOF/
https://www.debian.org/security/2023/dsa-5368

Products affected by CVE-2023-23009

Libreswan » Libreswan » Version: 4.9

cpe:2.3:a:libreswan:libreswan:4.9
Debian » Debian Linux » Version: 11.0

cpe:2.3:o:debian:debian_linux:11.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-23009

Products

Pricing

Contact Us