7 matches found
Fedora: Security Advisory (FEDORA-2023-d9d55a0bfc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6484-1: OpenVPN vulnerabilities
It was discovered that OpenVPN incorrectly handled the --fragment option in certain configurations. A remote attacker could possibly use this issue to cause OpenVPN to crash, resulting in a denial of service. CVE-2023-46849 It was discovered that OpenVPN incorrectly handled certain memory...
CVE-2023-46850
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer...
CVE-2023-46850
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer...
CVE-2023-46850
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer...
CVE-2023-46850
CVE-2023-46850 concerns OpenVPN 2.6.0–2.6.6, where a use-after-free when sending network buffers to a remote peer can cause undefined behavior, memory leakage, or remote code execution. Multiple connected advisories confirm this issue and document downstream fixes across distros: Debian/DSA-5555-...
openvpn -- 2.6.0...2.6.6 --fragment option division by zero crash, and TLS data leak
The OpenVPN community project team reports: CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly restore "--fragment" configuration in some circumstances, leading to a division by zero when "--fragment" is used. On platforms where division by zero is fatal, this will cause an OpenV...