CVE-2023-46850: Incorrect use of send buffer can cause memory to be sent to peer

OpenVPN 2.6 from v2.6.0 up to and including v.2.6.6 incorrectly use a send buffer after it has been free()d in some circumstances, causing some free()d memory to be sent to the peer. All configurations using TLS (e.g. not using --secret) are affected by this issue.

This issue is resolved in OpenVPN 2.6.7.

MITRE entry:

Last modified 6 months ago Last modified on 11/09/23 15:24:35