{"id":"CVE-2023-20897","details":"Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.","aliases":["GHSA-vpjg-wmf8-29h9","PYSEC-2023-166"],"modified":"2026-04-10T04:54:53.246948Z","published":"2023-09-05T11:15:32.973Z","related":["SUSE-SU-2023:3862-1","SUSE-SU-2023:3863-1","SUSE-SU-2023:3864-1","SUSE-SU-2023:3865-1","SUSE-SU-2023:3866-1","SUSE-SU-2023:3876-1","SUSE-SU-2023:3877-1","SUSE-SU-2023:3884-1","SUSE-SU-2023:3885-1","openSUSE-SU-2024:13188-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/"},{"type":"ADVISORY","url":"https://saltproject.io/security-announcements/2023-08-10-advisory/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/saltstack/salt","events":[{"introduced":"0"},{"fixed":"c71ff9204ab5ae90b21b68cf3447be472a8db8f2"},{"introduced":"86bb64dde27281d545ef46e1a42471a90c494197"},{"fixed":"8f750fa7ae115c48c16ca03ef3f16e4ba76f921c"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"3005.2"},{"introduced":"3006.0"},{"fixed":"3006.2"}]}}],"versions":["v0.10.0","v0.10.1","v0.10.2","v0.10.3","v0.10.4","v0.10.5","v0.11.0","v0.12.0","v0.13.0","v0.14.0","v0.15.0","v0.16","v0.17","v0.6.0","v0.7.0","v0.8.0","v0.8.7","v0.8.9","v0.9.0","v0.9.1","v0.9.2","v0.9.3","v0.9.9","v2014.1","v2014.7","v2015.2","v2015.5","v2015.8","v2016.11","v2016.3","v2016.9","v2017.5","v2017.7","v2018.11","v2018.2","v2018.3","v2019.2","v2019.2.1","v2019.2.1rc1","v3000","v3000.0rc1","v3000.0rc2","v3000.1","v3000_docs","v3001","v3001.1","v3001rc1","v3002","v3002.2","v3002rc1","v3003rc1","v3005","v3005.1","v3005.1-2","v3005.1-3","v3005.1-4","v3005rc1","v3005rc2","v3006.0","v3006.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-20897.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}