= CVE-2024-27903: Windows: disallow loading of plugins from untrusted installation paths, which could be used to attack openvpn.exe via a malicious plugin

win32: Enforce loading of plugins from a trusted directory

Currently, there's a risk associated with allowing plugins to be loaded from any location. This update ensures plugins are only loaded from a trusted directory, which is either:
- HKLM\SOFTWARE\OpenVPN\plugin_dir (or if the key is missing, then HKLM\SOFTWARE\OpenVPN, which is the installation directory)
- System directory
Loading from UNC paths is disallowed.
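
The policy above can be sketched as a string-level check; this is an added example, not OpenVPN's own code. The function names and the sample directories are assumptions made for illustration: the real fix takes the directories from the registry and the system directory, and this sketch expects an absolute path and does not resolve links or short names.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Windows accepts both '\' and '/' as path separators. */
static bool is_sep(char c) { return c == '\\' || c == '/'; }

/* UNC and device paths begin with two separators, e.g. \\server\share. */
static bool is_unc(const char *p) { return is_sep(p[0]) && is_sep(p[1]); }

/* True if any component is exactly "..", which could climb out of a trusted dir. */
static bool has_dotdot(const char *p) {
    while (*p) {
        const char *q = p;
        while (*q && !is_sep(*q)) q++;
        if (q - p == 2 && p[0] == '.' && p[1] == '.') return true;
        p = *q ? q + 1 : q;
    }
    return false;
}

/* True if path names something below dir: a case-insensitive prefix match
 * that must end on a component boundary, so "plugins-x" is not "plugins". */
static bool is_under(const char *path, const char *dir) {
    size_t n = strlen(dir);
    while (n > 0 && is_sep(dir[n - 1])) n--;   /* ignore trailing separators */
    if (n == 0) return false;
    for (size_t i = 0; i < n; i++) {
        if (path[i] == '\0') return false;
        if (is_sep(path[i]) && is_sep(dir[i])) continue;
        if (tolower((unsigned char)path[i]) != tolower((unsigned char)dir[i])) return false;
    }
    return is_sep(path[n]) && path[n + 1] != '\0';
}

/* Hypothetical helper: no UNC paths, plugin must sit under plugin_dir or system_dir. */
bool plugin_path_trusted(const char *path, const char *plugin_dir, const char *system_dir) {
    if (!path || is_unc(path) || has_dotdot(path)) return false;
    return (plugin_dir && is_under(path, plugin_dir)) || (system_dir && is_under(path, system_dir));
}

int main(void) {
    /* Constructed sample directories and plugin paths. */
    const char *pd = "C:\\Program Files\\OpenVPN\\plugins", *sd = "C:\\Windows\\System32";
    printf("%d\n", plugin_path_trusted("C:\\Program Files\\OpenVPN\\plugins\\auth.dll", pd, sd));
    printf("%d\n", plugin_path_trusted("\\\\fileserver\\share\\auth.dll", pd, sd));
    return 0;
}
```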

=== References
* Release notes: https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07534.html
* CVE record: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27903
* Reported by: Vladimir Tokarev <vtokarev@microsoft.com>