OpenVPN Access Server, which is supported by the OpenVPN 2 codebase, has two critical security vulnerabilities identified. Some older versions of the OpenVPN Access Server (2.11.0, 2.11.1, 2.11.2, 2.11.3, 2.12.0, and 2.12.1) contain a copy of an outdated OpenVPN version with two security vulnerabilities.
CVE-2023-46850 is a vulnerability resulting from OpenVPN incorrectly utilizing a memory buffer after it has been freed. Under specific circumstances, the freed memory can still be transmitted to a client that is still in use, potentially exposing sensitive data. This security vulnerability primarily affects the TLS (Transport Layer Security) configuration. In other words, it could jeopardize secure data transmission over TLS configuration.
CVE-2023-46849 allows clients to conduct a Denial of Service (DoS) attack. This security vulnerability results from the server incorrectly reloading the “–fragment” configuration under certain conditions. A remote client could induce a division-by-zero error, leading to a DoS attack.
To mitigate the risk of becoming a target for attacks exploiting these vulnerabilities, it is strongly recommended to use the latest version, 2.12.2, which includes OpenVPN 2.6.7.