wiki:CVE-2024-27459

CVE-2024-27459: Windows: fix a possible stack overflow in the interactive service component which might lead to a local privilege escalation

interactive.c: Fix potential stack overflow issue

When reading a message from the pipe, we first peek the pipe to get the size of the message waiting to be read and then read the message. A compromised OpenVPN process could send an excessively large message, which would result in a stack-allocated message buffer overflow.

To address this, we terminate the misbehaving process if the peeked message size exceeds the maximum allowable size.
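
The peek-then-read pattern and the size check described above, as an added example that is not OpenVPN's own code. The pipe is simulated in memory so the example runs on any platform; `fake_pipe`, `pipe_peek`, `pipe_read`, `recv_message` and the `MAX_MSG_SIZE` value are hypothetical names and values chosen for illustration.

```c
#include <stddef.h>
#include <string.h>

#define MAX_MSG_SIZE 64 /* assumed cap; the service's real limit is not stated on this page */

/* Constructed stand-in for the named pipe: holds one pending message. */
struct fake_pipe { const unsigned char *data; size_t pending; };

/* Peek: report how many bytes are waiting without consuming them. */
static size_t pipe_peek(const struct fake_pipe *p) { return p->pending; }

/* Read: copy up to n pending bytes into dst and consume them. */
static size_t pipe_read(struct fake_pipe *p, void *dst, size_t n) {
    if (n > p->pending) n = p->pending;
    memcpy(dst, p->data, n);
    p->data += n;
    p->pending -= n;
    return n;
}

enum msg_result { MSG_OK = 0, MSG_EMPTY = 1, MSG_TOO_LARGE = 2 };

/* Hardened receive. The peeked size is chosen by the peer process, so it
 * is checked against the buffer capacity before any byte is copied. */
enum msg_result recv_message(struct fake_pipe *p, size_t *out_len) {
    unsigned char msg[MAX_MSG_SIZE]; /* stack-allocated message buffer */
    size_t size = pipe_peek(p);

    if (size == 0) return MSG_EMPTY;
    /* The flawed pattern skipped this check and read `size` bytes into msg. */
    if (size > sizeof(msg)) return MSG_TOO_LARGE; /* caller terminates the peer */

    *out_len = pipe_read(p, msg, size);
    return MSG_OK;
}

int main(void) {
    unsigned char big[200] = {0}; /* constructed oversized message */
    struct fake_pipe p = { big, sizeof(big) };
    size_t n = 0;
    return recv_message(&p, &n) == MSG_TOO_LARGE ? 0 : 1;
}
```

The oversized message is rejected before the read, so nothing is copied and the pending bytes stay in the simulated pipe.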

Last modified on 03/21/24 14:59:45