OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
[
{
"product": "openvpn",
"vendor": "OpenVPN Technologies, Inc",
"versions": [
{
"status": "affected",
"version": "< 2.3.15"
},
{
"status": "affected",
"version": "< 2.4.2"
}
]
}
]