CVE-2023-30570

Name
CVE-2023-30570
Description
pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
CONFIRM https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:* libreswan >= 3.28 <= 4.10

Vulnerable and fixed packages

Source package Branch Version Maintainer Status