What the vulnerability does

01Description

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension().

Key dates

02Disclosure timeline

June 27, 2017 CVE published
August 5, 2024 Record updated