Introduction
On 19th March 2015 the OpenSSL project made a new release which fixed a number of security vulnerabilities. This page discussed the impact of those vulnerabilities to OpenVPN. The content on this page is mostly taken from an email thread on openvpn-user mailing list (thanks Steffan!).
Vulnerabilities that may affect OpenVPN
Depending on your configuration and OpenSSL version used, the following advisories from the list can apply to OpenVPN setups:
- Reclassified: RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
- Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286)
- ASN.1 structure reuse memory corruption (CVE-2015-0287)
- Base64 decode (CVE-2015-0292)
- Use After Free following d2i_ECPrivatekey error (CVE-2015-0209)
- OpenVPN 2.3, the current version, does not support EC certs yet. Note however that the git master branch *does*.
The following vulnerabilities affect OpenSSL 1.0.2 only, which is quite new and not yet used very often. Moreover, the official OpenVPN Windows installers bundle OpenSSL 1.0.1, which is not vulnerable:
- Multiblock corrupted pointer (CVE-2015-0290)
- OpenSSL 1.0.2 ClientHello sigalgs DoS (CVE-2015-0291)
- Segmentation fault for invalid PSS parameters (CVE-2015-0208)
- Empty CKE with client auth and DHE (CVE-2015-1787)
Vulnerabilities that do not affect OpenVPN
The following do *not* apply to OpenVPN:
- Segmentation fault in DTLSv1_listen (CVE-2015-0207)
- OpenVPN does not use DTLS
- PKCS7 NULL pointer dereferences (CVE-2015-0289)
- TLS does not use PKCS#7
- DoS via reachable assert in SSLv2 servers (CVE-2015-0293)
- OpenVPN only does TLSv1.0+
- Handshake with unseeded PRNG (CVE-2015-0285)
- OpenVPN manually seeds the PRNG
- X509_to_X509_REQ NULL pointer deref (CVE-2015-0288)
- OpenVPN, nor the OpenSSL ssl functions call X509_to_X509_REQ()
Mitigating factors
Use of TLS auth keys offers good protection against these vulnerabilities.