Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 17 Mar 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 13 Feb 2025 00:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat openshift
CPEs cpe:/a:redhat:openshift:4.15::el9
cpe:/a:redhat:openshift:4.16::el9
cpe:/a:redhat:openshift:4.17::el9
Vendors & Products Redhat openshift

Mon, 02 Dec 2024 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel E4s
CPEs cpe:/a:redhat:rhel_e4s:9.0
Vendors & Products Redhat rhel E4s

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-03-17T17:02:28.993Z

Reserved: 2023-01-11T00:00:00.000Z

Link: CVE-2023-23009

cve-icon Vulnrichment

Updated: 2024-08-02T10:28:39.782Z

cve-icon NVD

Status : Modified

Published: 2023-02-21T16:15:11.873

Modified: 2025-03-17T17:15:15.920

Link: CVE-2023-23009

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-02-21T00:00:00Z

Links: CVE-2023-23009 - Bugzilla

cve-icon OpenCVE Enrichment

No data.