vulnerability

Red Hat: CVE-2023-2295: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux (Multiple Advisories)

Name: Red Hat: CVE-2023-2295: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux (Multiple Advisories)
Creator: Red Hat
Published: 2023-05-16T00:00:00.000Z
Keywords: CVE, CWE-400, Red Hat, 2023, 2295, Regression of CVE, redhat-upgrade-libreswan, redhat-upgrade-libreswan-debuginfo, redhat-upgrade-libreswan-debugsource, Severity 8

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

May 16, 2023

Added

May 17, 2023

Modified

Mar 27, 2026

Description

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.

Solutions

redhat-upgrade-libreswanredhat-upgrade-libreswan-debuginforedhat-upgrade-libreswan-debugsource

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report