CVE-2024-27459: Windows: fix a possible stack overflow in the interactive service component which might lead to a local privilege escalation
interactive.c: Fix potential stack overflow issue
When reading a message from the pipe, we first peek the pipe to get the size of the message waiting to be read and then read the message. A compromised OpenVPN process could send an excessively large message, which would result in a stack-allocated message buffer overflow.
To address this, we terminate the misbehaving process if the peeked message size exceeds the maximum allowable size.
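The peek-then-read pattern with the size check in place, as an added example (portable C written for this page, not the code from interactive.c). The `mock_pipe` type, the function names and the `MAX_MSG_SIZE` value are assumptions standing in for the Windows pipe calls and the project's real limit.

```c
#include <stddef.h>
#include <string.h>

#define MAX_MSG_SIZE 64   /* hypothetical cap; not the project's value */

/* Constructed stand-in for a message pipe holding one pending message. */
typedef struct {
    const unsigned char *msg;
    size_t len;           /* what a peek reports; chosen by the sender */
} mock_pipe;

static size_t pipe_peek(const mock_pipe *p) { return p->len; }

/* Copies exactly n bytes, as a read sized from the peek result would. */
static size_t pipe_read(mock_pipe *p, unsigned char *dst, size_t n) {
    memcpy(dst, p->msg, n);
    p->len = 0;
    return n;
}

/* Returns bytes read, 0 if nothing is pending, or -1 if the peer
 * announced more than the buffer holds (caller terminates the peer). */
long read_message(mock_pipe *p, unsigned char *buf, size_t buf_size) {
    size_t pending = pipe_peek(p);
    if (pending == 0)
        return 0;
    if (pending > buf_size)   /* models the size check described above */
        return -1;
    return (long)pipe_read(p, buf, pending);
}

/* Feed a constructed message of msg_len bytes (<= 4096) to a stack buffer. */
long handle_pending(size_t msg_len) {
    static unsigned char sender_data[4096]; /* constructed sample input */
    unsigned char buf[MAX_MSG_SIZE];        /* stack-allocated, as on the page */
    mock_pipe p = { sender_data, msg_len };
    return read_message(&p, buf, sizeof buf);
}

int main(void) {
    return handle_pending(4096) == -1 ? 0 : 1;
}
```

Without the `pending > buf_size` branch, `pipe_read` would copy the sender-chosen length into the fixed 64-byte buffer, which is the overflow the commit message describes.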
References
- Release notes: https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07534.html
- CVE record: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27459
- Reported by: Vladimir Tokarev <vtokarev@…>
Last modified on 03/21/24 14:59:45