CVE-2023-38711 — NULL Pointer Dereference in Libreswan

CWE-476 — NULL Pointer Dereference6 documents6 sources

Severity

6.5MEDIUMNVD

EPSS

0.1%

top 80.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libreswan Debian Libreswan Msrc Azl3 Libreswan 4.7-6 ON Azure Linux 3.0 +6 more

Timeline

PublishedAug 25

Description

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages10 packages

▶debiandebian/libreswan< libreswan 4.12-1 (forky)

▶NVDlibreswan/libreswan4.6 — 4.12

▶Debianlibreswan/libreswan< 4.12-1+1

▶msrcmsrc/azl3_libreswan_4.7-6_on_azure_linux_3.0

▶msrcmsrc/azl3_libreswan_4.7-7_on_azure_linux_3.0

🔴Vulnerability Details

OSV

CVE-2023-38711: An issue was discovered in Libreswan before 4↗2023-08-25

▶

GHSA

GHSA-prwp-xrv5-5jv3: An issue was discovered in Libreswan before 4↗2023-08-25

▶

📋Vendor Advisories

Red Hat

libreswan: Invalid IKEv1 Quick Mode ID causes restart↗2023-08-08

▶

Microsoft

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN a NULL pointer dereference caus↗2023-08-08

▶

Debian

CVE-2023-38711: libreswan - An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode conne...↗2023

▶