CVE-2023-41378
- Source
- https://cve.org/CVERecord?id=CVE-2023-41378
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41378.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-41378
- Aliases
- Related
- Published
- 2023-11-06T16:15:42.273Z
- Modified
- 2026-04-10T05:01:12.225517Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In certain conditions for Calico Typha (v3.26.2, v3.25.1 and below), and Calico Enterprise Typha (v3.17.1, v3.16.3, v3.15.3 and below), a client TLS handshake can block the Calico Typha server indefinitely, resulting in denial of service. The TLS Handshake() call is performed inside the main server handle for loop without any timeout allowing an unclean TLS handshake to block the main loop indefinitely while other connections will be idle waiting for that handshake to finish.
- References
Affected packages
Git / github.com/projectcalico/calico
Affected ranges
- Type
- GIT
- Repo
- https://github.com/projectcalico/calico
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroducedFixedIntroducedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedFixedIntroducedFixed
- Database specific
{ "versions": [ { "introduced": "0" }, { "fixed": "3.15.4" }, { "introduced": "3.16.0" }, { "fixed": "3.16.4" }, { "introduced": "3.17.0" }, { "fixed": "3.17.2" }, { "introduced": "0" }, { "fixed": "3.25.2" }, { "introduced": "3.26.0" }, { "fixed": "3.26.3" } ] }
Affected versions
v0.*
v0.1.0-typha
v0.1.1-typha
v0.1.2-typha
v0.1.3-typha
v0.1.4-typha
v0.1.5-typha
v0.1.7-typha
v0.2.1-typha
v0.2.2-typha
v0.2.3-pre1-typha
v0.2.3-typha
v0.3.0-typha
v0.3.1-typha
v0.4.0-typha
v0.5.0-typha
v0.5.1-typha
v0.6.0-alpha1-rc1-typha
v0.6.0-alpha1-typha
v0.6.0-beta1-typha
v0.6.0-typha
v2.*
v2.5.0
v2.5.0-calico
v2.5.0-rc2
v2.5.0-rc2-calico
v2.6.0
v2.6.0-calico
v2.6.0-rc1
v2.6.0-rc1-calico
v2.6.0-rc2
v2.6.0-rc2-calico
v2.6.2
v2.6.2-calico
v3.*
v3.0.0
v3.0.0-alpha1-rc1
v3.0.0-alpha1-rc1-calico
v3.0.0-calico
v3.0.1
v3.0.1-calico
v3.0.12
v3.0.12-calico
v3.1.7
v3.1.7-calico
v3.10.0
v3.10.0-0.dev-typha
v3.10.0-calico
v3.10.2
v3.10.2-calico
v3.11.0-0.dev-typha
v3.11.0-typha
v3.11.1
v3.11.1-calico
v3.11.1-typha
v3.12.0-typha
v3.13.0-0.dev-typha
v3.13.0-typha
v3.13.1-typha
v3.13.2-typha
v3.13.3-typha
v3.13.4-typha
v3.13.5-typha
v3.14.0-0.dev-typha
v3.15.0-0.dev-typha
v3.15.0-typha
v3.15.1-typha
v3.15.2-typha
v3.16.0
v3.16.0-calico
v3.16.0-typha
v3.16.1-typha
v3.16.2-typha
v3.16.5
v3.16.5-calico
v3.17.0-typha
v3.17.1-typha
v3.17.5
v3.17.5-calico
v3.18.1
v3.18.1-calico
v3.18.5
v3.18.5-calico
v3.2.0
v3.2.0-calico
v3.2.0-typha
v3.2.1-typha
v3.2.8
v3.2.8-calico
v3.24.0-0.dev
v3.25.0-0.dev
v3.25.1
v3.26.0
v3.26.1
v3.26.2
v3.3.0-typha
v3.3.7
v3.3.7-calico
v3.4.0-0.dev-typha
v3.4.0-typha
v3.4.1-typha
v3.5.0-0.dev-typha
v3.5.0-beta.0-typha
v3.5.0-typha
v3.5.1-typha
v3.6.0-0.dev-typha
v3.6.0-typha
v3.6.1-typha
v3.7.0-0.dev-typha
v3.8.0-0.dev-typha
v3.8.5
v3.8.5-calico
v3.9.0
v3.9.0-0.dev-typha
v3.9.0-calico
v3.9.4
v3.9.4-calico