openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.
References
Link | Resource |
---|---|
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.568761 | Mailing List Third Party Advisory |
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24 | Release Notes Vendor Advisory |
https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b | Patch Third Party Advisory |
https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6 | Release Notes Third Party Advisory |
https://www.tenable.com/security/research/tra-2018-09 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-05-01T18:00:00
Updated: 2018-05-05T09:57:01
Reserved: 2018-04-05T00:00:00
Link: CVE-2018-9336
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-05-01T18:29:00.697
Modified: 2018-06-13T14:27:26.440
Link: CVE-2018-9336
JSON object: View
Redhat Information
No data.
CWE