Wind River Support Network

HomeDefectsLIN1023-2631

Fixed

LIN1023-2631 : Security Advisory - openvpn - CVE-2023-46850

Created: Nov 9, 2023 Updated: Dec 17, 2023

Resolved Date: Dec 17, 2023

Found In Version: 10.23.30.1

Severity: Standard

Applicable for: Wind River Linux LTS 23

Component/s: Userspace

Description

Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.

https://nvd.nist.gov/vuln/detail/CVE-2023-46850