{"id":"CVE-2023-23009","details":"Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.","modified":"2026-03-17T14:28:37.030528Z","published":"2023-02-21T16:15:11.873Z","related":["ALSA-2023:2633","ALSA-2023:3095","MGASA-2023-0089"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MFOIQX2LRL43P3GJT33DE7G7COHNXDN/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSMYJH7MC2FZGCY5NH5AXULO3ISXIHOF/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5368"},{"type":"FIX","url":"https://github.com/libreswan/libreswan/issues/954"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libreswan/libreswan","events":[{"introduced":"0"},{"last_affected":"394c823abbf8af6afaf6c9c71fb53fca775bfae7"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.9"}]}}],"versions":["0.9.9","2.4.4","2.4.5dr2","2.9","debian/3.18-1","debian/3.19-1","debian/3.19-2","debian/3.20-1","debian/3.20-2","debian/3.20-3","debian/3.20-4","debian/3.20-5","debian/3.20-6","debian/3.20-7","debian/3.21-1","debian/3.21_rc2-1","debian/3.21_rc5-1","libreswan-0.0.1","pre_FreeBSD_merge_200607","snapshot-20060308","snapshot-20060316","v2.4.10-merged-2.5.15","v2.5-last-stable-from-old-branch","v2.5.01","v2.5.03","v2.5.05","v2.5.08","v2.5.09","v2.5.0cl8","v2.5.0dr1","v2.5.0sbs","v2.5.0sbs1","v2.5.0sbs2","v2.5.0sbs3","v2.5.0sbs4","v2.5.0sbs5","v2.5.0sbs6","v2.5.10","v2.5.11","v2.5.12","v2.5.13","v2.5.14","v2.5.15","v2.5.16","v2.5.17","v2.6.01","v2.6.02","v2.6.03","v2.6.04","v2.6.05","v2.6.06","v2.6.07","v2.6.08","v2.6.09","v2.6.10","v2.6.11","v2.6.12","v2.6.13","v2.6.14","v2.6.15","v2.6.15dr2","v2.6.16","v2.6.16dr1","v2.6.16dr2","v2.6.16dr3","v2.6.16dr4","v2.6.16dr5","v2.6.17","v2.6.18","v2.6.18rc1","v2.6.19","v2.6.19dr1","v2.6.20","v2.6.20bis","v2.6.20rc2","v2.6.21","v2.6.22","v2.6.22dr1","v2.6.22dr2","v2.6.22rc1","v2.6.22rc2","v2.6.23","v2.6.23dr1","v2.6.23dr2","v2.6.23dr3","v2.6.24","v2.6.24rc1","v2.6.24rc2","v2.6.24rc3","v2.6.24rc4","v2.6.24rc5","v2.6.25","v2.6.25dr1","v2.6.26","v2.6.26dr1","v2.6.26rc1","v2.6.27","v2.6.27dr1","v2.6.27dr2","v2.6.27rc1","v2.6.28","v2.6.28dr1","v2.6.28dr2","v2.6.28dr3","v2.6.28dr4","v2.6.28dr5","v2.6.28dr6","v2.6.28dr7","v2.6.28rc1","v2.6.28rc2","v2.6.29","v2.6.29dr1","v2.6.29dr10","v2.6.29dr11","v2.6.29dr12","v2.6.29dr13","v2.6.29dr14","v2.6.29dr15","v2.6.29dr17","v2.6.29dr2","v2.6.29dr3","v2.6.29dr4","v2.6.29dr5","v2.6.29dr6","v2.6.29dr7","v2.6.29dr8","v2.6.29dr9","v2.6.29rc1","v2.6.29rc2","v2.6.30","v2.6.30dr1","v2.6.30dr2","v2.6.30dr3","v2.6.30rc1","v2.6.31","v2.6.32","v2.6.32dr1","v2.6.32dr2","v2.6.32dr3","v2.6.32dr4","v2.6.32dr5","v2.6.32rc1","v2.6.32rc2","v2.6.32rc3","v2.6.32rc4","v2.6.32rc5","v2.6.32rc6","v2.6.32rc7","v2.6.32rc8","v2.6.32rc9","v2.6.33","v2.6.33dr1","v2.6.33dr2","v2.6.33rc1","v2.6.34","v2.6.34dr1","v2.6.34dr2","v2.6.34rc1","v2.6.34rc2","v2.6.34rc3","v2.6.34rc4","v2.6.34rc5","v2.6.34rc6","v2.6.35","v2.6.35dr1","v2.6.35rc1","v2.6.36","v2.6.36dr1","v2.6.36rc1","v2.6.37","v2.6.38","v2.6.38dr2","v2.6.38rc1","v2.6.38rc2","v2.9","v2.91","v2.92","v2.93","v2.94","v2.999","v3.0","v3.1","v3.10","v3.10dr1","v3.10rc1","v3.10rc2","v3.11","v3.11dr1","v3.12","v3.12rc1","v3.14","v3.14rc1","v3.14rc2","v3.14rc3","v3.15","v3.16","v3.16rc2","v3.16rc3","v3.17","v3.18","v3.18dr2","v3.18dr3","v3.19","v3.2","v3.20","v3.20dr3","v3.20dr4","v3.21","v3.21_rc2","v3.21_rc5","v3.21rc2","v3.21rc5","v3.22","v3.22dr1","v3.25","v3.26","v3.27","v3.28","v3.2rc1","v3.3","v3.30","v3.4","v3.5","v3.6","v3.7","v3.8","v3.9","v3.9rc1","v4.0","v4.1","v4.2","v4.3","v4.4","v4.5","v4.6","v4.7","v4.8","v4.9"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-23009.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"11.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}