Debian Security Advisory 5368-1

Debian Security Advisory 5368-1: Posted Mar 6, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5368-1 - It was discovered that the libreswan IPsec implementation could be forced into a crash/restart via malformed IKEv2 packets after peer authentication, resulting in denial of service.; tags | advisory, denial of service; systems | linux, debian; advisories | CVE-2023-23009; SHA-256 | 74882477fb28107aed943fa993f4c9b0d3b7991a4336bac07118bf09e48d93eb; Download | Favorite | View

Debian Security Advisory 5368-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5368-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
March 03, 2023                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libreswan
CVE ID         : CVE-2023-23009
Debian Bug     : 1031821

It was discovered that the libreswan IPsec implementation could be
forced into a crash/restart via malformed IKEv2 packets after peer
authentication, resulting in denial of service.

For the stable distribution (bullseye), this problem has been fixed in
version 4.3-1+deb11u3.

We recommend that you upgrade your libreswan packages.

For the detailed security status of libreswan please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/libreswan

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmQCUIxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0R+XA/8C9tcRpaDWv6IsxJam+6YPviUXdUGQ6NgJOSxes7NHjl4mdYbJm/xUrm/
nM4C272cHbhfd/RJf/TqZM+aPvJ6ohcq6OfgVQlef7ys92RDPrpyOq0jVyWzHI6O
/CsRRMehgQD68Q5RAUe9CFxGDZ2YfI/+sEyts6bh0h4TStZbWWYSVO/ZhQvrLRbH
evGBoHX6qNRu8PYTlkgDeBmDpHAuHE6s5IlTwldaFSZlxMI2DycRBEF7ZiqKPXGl
gcn5gX0qQbfZOD9AlKEr5dlvMLQYE4AHWIgh35clwr7Nm/BqXP4QXGvMu4Of+djc
u+z+OIRhJqgVOJ3+cYYu4NN6wwGs6ZJgKtYxEYRRepUo0/fomM4YDZery3LgaCA4
HdbeW4oMbQm1az1VjwQBaOk1O0kKcA3Po87PRQCNSyZnus7f5IflT5G75tZn4HyU
s54iYoo6jT3lZ1zS9STupO8TdmWdEQpo6RCoIh8h4b89/+Uv4g6LlvFilyT+cf7H
ZVC4sEJ8VW/eSg9PwNfcYWlEAzJeVZccUPatLLe6bKf6Hi4c9JTcnlITpExtd4qn
4C4+5glzy910OGHjKXS2ljJCgVi+A9ch7Bndi7y07apYwh+yavbvppCbC6h5PauE
PIPc4ElQHa7cTOUjIAj4M9fD1JtK0BSwQ17hAwDCRa8PYRmWAJ4=S2f1
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 144 files
Ubuntu 111 files
Debian 18 files
Rafael Pedrero 11 files
LiquidWorm 10 files
Google Security Research 10 files
Apple 9 files
Abdulhakim Oner 8 files
nu11secur1ty 8 files
Hubert Wojciechowski 6 files

File Archives

Systems

AIX (426)
Apple (1,960)
BSD (370)
CentOS (56)
Cisco (1,919)
Debian (6,714)
Fedora (1,691)
FreeBSD (1,242)
Gentoo (4,288)
HPUX (878)
iOS (340)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,130)
Mac OS X (684)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (12,923)
Slackware (941)
Solaris (1,609)
SUSE (1,444)
Ubuntu (8,448)
UNIX (9,208)
UnixWare (185)
Windows (6,532)
Other

Debian Security Advisory 5368-1

Debian Security Advisory 5368-1

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5368-1

Share This

Debian Security Advisory 5368-1

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems