Changes between Initial Version and Version 1 of CVE-2023-46850


Ignore:
Timestamp:
11/09/23 15:23:23 (10 months ago)
Author:
novaflash
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • CVE-2023-46850

    v1 v1  
     1= CVE-2023-46849: Incorrect use of send buffer causes memory to be sent to peer
     2
     3OpenVPN 2.6 from v2.6.0 up to and including v.2.6.6 incorrectly use a send buffer after it has been free()d in some circumstances, causing some free()d memory to be sent to the peer. All configurations using TLS (e.g. not using --secret) are affected by this issue.
     4
     5This issue is resolved in OpenVPN 2.6.7.
     6
     7MITRE entry: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46850