Bugzilla – Bug 1038711
VUL-0: CVE-2017-7479: openvpn: Denial of Service due to Exhaustion of Packet-ID counter
Last modified: 2017-10-26 06:13:42 UTC
https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits An authenticated client can cause the server's the packet-id counter to roll over, which would lead the server process to hit an ASSERT() and stop running. To make the server hit the ASSERT(), the client must first cause the server to send it 232 packets (at least 196GB). This problem is fixed by commit "Drop packets instead of asserting out if packet id rolls over": release/2.3: <git-commit-id> release/2.4: <git-commit-id> master: <git-commit-id> The fix requires commit "cleanup: merge packet_id_alloc_outgoing() into packet_id_write()" to apply cleanly (see commit 653d391922). OpenVPN versions 2.4.2 and 2.3.15 (and later) include these fixes. The "release/2.2" branch in Git has also been patched, primarily for the benefit of external package maintainers. We do not, however, intend to make a 2.2-release, not even in source-only format.
This is a87e1431baccd49a9344cfc63ab7446c4317fa2f
This is an autogenerated message for OBS integration: This bug (1038711) was mentioned in https://build.opensuse.org/request/show/500570 42.2 / openvpn https://build.opensuse.org/request/show/500580 42.3 / openvpn
SUSE-SU-2017:1622-1: An update that solves three vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1038709,1038711,1038713,995374 CVE References: CVE-2016-6329,CVE-2017-7478,CVE-2017-7479 Sources used: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): openvpn-2.3.8-16.14.1 SUSE Linux Enterprise Server 12-SP2 (src): openvpn-2.3.8-16.14.1 SUSE Linux Enterprise Desktop 12-SP2 (src): openvpn-2.3.8-16.14.1
openSUSE-SU-2017:1638-1: An update that solves three vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1038709,1038711,1038713,995374 CVE References: CVE-2016-6329,CVE-2017-7478,CVE-2017-7479 Sources used: openSUSE Leap 42.2 (src): openvpn-2.3.8-8.6.1
SUSE-SU-2017:1718-1: An update that solves 5 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1038709,1038711,1038713,1044947,959511,988522 CVE References: CVE-2017-7478,CVE-2017-7479,CVE-2017-7508,CVE-2017-7520,CVE-2017-7521 Sources used: SUSE Linux Enterprise Server 11-SECURITY (src): openvpn-openssl1-2.3.2-0.9.1
SUSE-SU-2017:2838-1: An update that solves four vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1038709,1038711,1038713,1060877,995374 CVE References: CVE-2016-6329,CVE-2017-12166,CVE-2017-7478,CVE-2017-7479 Sources used: SUSE Linux Enterprise Server 11-SP4 (src): openvpn-2.0.9-143.47.3.1 SUSE Linux Enterprise Server 11-SP3-LTSS (src): openvpn-2.0.9-143.47.3.1 SUSE Linux Enterprise Point of Sale 11-SP3 (src): openvpn-2.0.9-143.47.3.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): openvpn-2.0.9-143.47.3.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): openvpn-2.0.9-143.47.3.1
released