CVE-2023-29323
- Source
- https://cve.org/CVERecord?id=CVE-2023-29323
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29323.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-29323
- Downstream
- Published
- 2023-04-04T23:15:07.347Z
- Modified
- 2026-04-12T03:51:09.021872Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
asciiloadsockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address.
- References
-
- https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/envelope.c.diff?r1=1.49&r2=1.49.4.1&f=h
- https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/envelope.c.diff?r1=1.50&r2=1.50.4.1&f=h
- https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/envelope.c.diff?r1=1.50&r2=1.51&f=h
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GZBNQBHCM6PIOUR6I5GEQS35XYT2NX6T/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GZBNQBHCM6PIOUR6I5GEQS35XYT2NX6T/
- https://security.netapp.com/advisory/ntap-20230526-0006/
- https://ftp.openbsd.org/pub/OpenBSD/patches/7.1/common/024_smtpd.patch.sig
- https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/020_smtpd.patch.sig
- https://github.com/OpenSMTPD/OpenSMTPD/commit/41d0eae481f538956b1f1fbadfb535043454061f
- https://github.com/openbsd/src/commit/f748277ed1fc7065ae8998d61ed78b9ab1e55fae
Affected packages
Git / github.com/opensmtpd/opensmtpd
Affected ranges
- Type
- GIT
- Repo
- https://github.com/opensmtpd/opensmtpd
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/openbsd/src
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/opensmtpd/opensmtpd
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/openbsd/src
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
l
opensmtpd-20121030111957p1
opensmtpd-20121106111009p1
opensmtpd-20121107175757p1
opensmtpd-20121113231010p1
opensmtpd-201211152324p1
opensmtpd-201211232348p1
opensmtpd-201211261224p1
opensmtpd-201212031111p1
opensmtpd-201212081318p1
opensmtpd-201212222206p1
opensmtpd-201301031733p1
opensmtpd-201301111154p1
opensmtpd-201301191220p1
opensmtpd-201301241740p1
opensmtpd-201301252211p1
opensmtpd-201301281310p1
opensmtpd-201302051638p1
opensmtpd-201302141353p1
opensmtpd-201302152354p1
opensmtpd-201302212015p1
opensmtpd-201303011853p1
opensmtpd-201303201252p1
opensmtpd-201303211343p1
opensmtpd-201303221610p1
opensmtpd-201303311750p1
opensmtpd-201304041639p1
opensmtpd-201305171925p1
opensmtpd-201305171950p1
opensmtpd-201305241932p1
opensmtpd-201306071637p1
opensmtpd-201306211627p1
opensmtpd-201306271531p1
opensmtpd-201307091512p1
opensmtpd-201307121003p1
opensmtpd-201307151923p1
opensmtpd-201307191003p1
opensmtpd-201307191119p1
opensmtpd-201307221453p1
opensmtpd-201307290744p1
opensmtpd-201309091202p1
opensmtpd-201309121848p1
opensmtpd-201309121931p1
opensmtpd-201309201537p1
opensmtpd-201309241457p1
opensmtpd-201309241712p1
opensmtpd-201309241818p1
opensmtpd-201309251624p1
opensmtpd-201309261726p1
opensmtpd-201310081839p1
opensmtpd-201310101759p1
opensmtpd-201310231634p1
opensmtpd-201310241356p1
opensmtpd-201310251946p1
opensmtpd-201310281424p1
opensmtpd-201311071830p1
opensmtpd-201311181634p1
opensmtpd-201311182347p1
opensmtpd-201311201707p1
opensmtpd-201311261029p1
opensmtpd-201311270853p1
opensmtpd-201311281211p1
opensmtpd-201311292259p1
opensmtpd-201312021552p1
opensmtpd-201312021558p1
opensmtpd-201312081717p1
opensmtpd-201312131550p1
opensmtpd-201312142054p1
opensmtpd-201401061555p1
opensmtpd-201401201010p1
opensmtpd-201401201614p1
opensmtpd-201401202159p1
opensmtpd-201401231518p1
opensmtpd-201401241552p1
opensmtpd-201404151432p1
opensmtpd-201405071644p1
opensmtpd-201405121644p1
opensmtpd-201405121707p1
opensmtpd-201405142229p1
opensmtpd-201405142325p1
opensmtpd-201405202105p1
opensmtpd-201406061833p1
opensmtpd-201406170940p1
opensmtpd-201406190036p1
opensmtpd-201406192219p1
opensmtpd-201406192306p1
opensmtpd-201410012105p1
opensmtpd-201410040019p1
opensmtpd-201410131657p1
opensmtpd-201410152136p1
opensmtpd-201411042328p1
opensmtpd-201411052125p1
opensmtpd-201412241507p1
opensmtpd-201501060207p1
opensmtpd-201502012312p1
opensmtpd-201505091607p1
opensmtpd-201505121836p1
opensmtpd-201505241924p1
opensmtpd-201506020910p1
opensmtpd-201506112227p1
opensmtpd-201601051911p1
opensmtpd-201602031446p1
opensmtpd-201602120826p1
opensmtpd-201602131612p1
opensmtpd-201602131907p1
opensmtpd-201605221711p1
opensmtpd-201606062256p1
opensmtpd-201606062303p1
opensmtpd-201606071034p1
opensmtpd-201606152203p1
opensmtpd-201606220754p1
opensmtpd-201609141253p1
opensmtpd-201702130941p1
opensmtpd-201801101420p1
opensmtpd-5.*
opensmtpd-5.0p1
opensmtpd-5.2.1p1
opensmtpd-5.3p1
opensmtpd-5.4.2p1
opensmtpd-5.9.1p1
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7.0.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7.1"
}
]
},
{
"events": [
{
"introduced": "7.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7.0.0-portable"
}
]
}
]
vanir_signatures
[
{
"id": "CVE-2023-29323-20961338",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "4273168760489095610131962012935199391",
"length": 747.0
},
"source": "https://github.com/openbsd/src/commit/f748277ed1fc7065ae8998d61ed78b9ab1e55fae",
"target": {
"function": "ascii_load_sockaddr",
"file": "usr.sbin/smtpd/envelope.c"
},
"deprecated": false
},
{
"id": "CVE-2023-29323-9b117514",
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"121343129352937646309753480043887538774",
"27658729311587092110253159157523301237",
"307723820120859430508451318078768283581",
"59631714156229265994358181693354706424",
"205590946201468938027881964481250129741",
"173102012682250654189718786747889849804",
"242587908472784403319446247082267485510",
"115864062855091883774683773787879052208",
"100469814400592261409416991240776914770",
"134598844820278463442713305635631132795",
"303663955460024469657064273918478829695",
"155325469374240793252373240125896788990",
"225820823196600032836275918050058074621",
"162806313729918849220180547291237980311",
"110171387971216874683292972118627036968",
"124538062636615419568009400263227626764",
"69312357083410322261306556473684039355",
"195865398375155136243681113047558657456",
"150487531236833897869106936967612127770",
"198447647319859300444114032015201799415"
],
"threshold": 0.9
},
"source": "https://github.com/openbsd/src/commit/f748277ed1fc7065ae8998d61ed78b9ab1e55fae",
"target": {
"file": "usr.sbin/smtpd/envelope.c"
},
"deprecated": false
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29323.json"
vanir_signatures_modified
"2026-04-12T03:51:09Z"