Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: OpenVPN

Published: 2023-11-11T00:05:13.487Z

Updated: 2024-08-02T20:53:21.915Z

Reserved: 2023-10-27T13:38:49.496Z

Link: CVE-2023-46849

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-11-11T01:15:07.270

Modified: 2023-11-29T03:15:42.383

Link: CVE-2023-46849

cve-icon Redhat

No data.