CVE-2018-9336

moderate-risk
Published 2018-05-01

openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.

Do I need to act?

-
0.09% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10 High
LOCAL / LOW complexity

Affected Products (6)

Affected Vendors

Slackware Openvpn

References (10)

Mailing List http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slack...
Release Notes https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24
Patch https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e7...
Release Notes https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6
Exploit https://www.tenable.com/security/research/tra-2018-09
Mailing List http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slack...
Release Notes https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24
Patch https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e7...
Release Notes https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6
Exploit https://www.tenable.com/security/research/tra-2018-09
37
/ 100
moderate-risk
Severity 24/34 · High
Exploitability 0/34 · Minimal
Exposure 13/34 · Low