CVE-2023-46849
published 2023-11-11CVE-2023-46849: Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could…
PriorityP433high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
1.14%
62.7th percentile
Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | openvpn | < openvpn 2.6.3-1+deb12u2 (bookworm) | openvpn 2.6.3-1+deb12u2 (bookworm) |
| fedoraproject | fedora | — | — |
| openvpn | access_server | 2.11.0 – 2.11.3 | — |
| openvpn | access_server | 2.12.0 – 2.12.1 | — |
| openvpn | openvpn | >= 0 < 2.6.3-1+deb12u2 | 2.6.3-1+deb12u2 |
| openvpn | openvpn | >= 0 < 2.6.7-1 | 2.6.7-1 |
| openvpn | openvpn | >= 0 < 2.6.7-1 | 2.6.7-1 |
| openvpn | openvpn | >= 0 < 2.6.5-0ubuntu1.1 | 2.6.5-0ubuntu1.1 |
| openvpn | openvpn | 2.6.0 – 2.6.6 | — |
| openvpn | openvpn_2 | 2.6.0 – 2.6.6 | — |
| openvpn | openvpn_access_server | — | — |
| openvpn | openvpn_access_server | — | — |
| openvpn | openvpn_access_server | 2.11.0 – 2.11.3 | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH
vendor_debian7.5HIGH
vendor_ubuntu7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
OpenVPN vulnerabilities
vendor_ubuntu·2023-11-16·CVSS 7.5
CVE-2023-46850 [HIGH] OpenVPN vulnerabilities
Title: OpenVPN vulnerabilities
Summary: Several security issues were fixed in OpenVPN.
It was discovered that OpenVPN incorrectly handled the --fragment option
in certain configurations. A remote attacker could possibly use this issue
to cause OpenVPN to crash, resulting in a denial of service.
(CVE-2023-46849)
It was discovered that OpenVPN incorrectly handled certain memory
operations. A remote attacker could use this issue to cause OpenVPN to
crash, obtain sensitive information, or possibly execute arbitrary code.
(CVE-2023-46850)
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2023-46849: openvpn - Using the --fragment option in certain configuration setups OpenVPN version 2.6....
vendor_debian·2023·CVSS 7.5
CVE-2023-46849 [HIGH] CVE-2023-46849: openvpn - Using the --fragment option in certain configuration setups OpenVPN version 2.6....
Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
Scope: local
bookworm: resolved (fixed in 2.6.3-1+deb12u2)
bullseye: resolved
forky: resolved (fixed in 2.6.7-1)
sid: resolved (fixed in 2.6.7-1)
trixie: resolved (fixed in 2.6.7-1)
OSV
openvpn vulnerabilities
osv·2023-11-16·CVSS 7.5
CVE-2023-46849 [HIGH] openvpn vulnerabilities
openvpn vulnerabilities
It was discovered that OpenVPN incorrectly handled the --fragment option
in certain configurations. A remote attacker could possibly use this issue
to cause OpenVPN to crash, resulting in a denial of service.
(CVE-2023-46849)
It was discovered that OpenVPN incorrectly handled certain memory
operations. A remote attacker could use this issue to cause OpenVPN to
crash, obtain sensitive information, or possibly execute arbitrary code.
(CVE-2023-46850)
OSV
CVE-2023-46849: Using the --fragment option in certain configuration setups OpenVPN version 2
osv·2023-11-11·CVSS 7.5
CVE-2023-46849 [HIGH] CVE-2023-46849: Using the --fragment option in certain configuration setups OpenVPN version 2
Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
GHSA
GHSA-p99v-qjfm-8vvq: Using the --fragment option in certain configuration setups OpenVPN version 2
ghsa_unreviewed·2023-11-11
CVE-2023-46849 [HIGH] CWE-369 GHSA-p99v-qjfm-8vvq: Using the --fragment option in certain configuration setups OpenVPN version 2
Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://community.openvpn.net/openvpn/wiki/CVE-2023-46849https://lists.fedoraproject.org/archives/list/[email protected]/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/https://lists.fedoraproject.org/archives/list/[email protected]/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/https://www.debian.org/security/2023/dsa-5555https://community.openvpn.net/openvpn/wiki/CVE-2023-46849https://lists.fedoraproject.org/archives/list/[email protected]/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/https://lists.fedoraproject.org/archives/list/[email protected]/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/https://www.debian.org/security/2023/dsa-5555
2023-11-11
Published