USN-6484-1: OpenVPN vulnerabilities
16 November 2023
Several security issues were fixed in OpenVPN.
- openvpn - virtual private network software
It was discovered that OpenVPN incorrectly handled the --fragment option
in certain configurations. A remote attacker could possibly use this issue
to cause OpenVPN to crash, resulting in a denial of service.
It was discovered that OpenVPN incorrectly handled certain memory
operations. A remote attacker could use this issue to cause OpenVPN to
crash, obtain sensitive information, or possibly execute arbitrary code.