Bug 1227511 (CVE-2024-27459) - VUL-0: CVE-2024-27459: openvpn: stack overflow in the interactive service component might lead to local privilege escalation
Summary: VUL-0: CVE-2024-27459: openvpn: stack overflow in the interactive service com...
Status: RESOLVED INVALID
Alias: CVE-2024-27459
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P5 - None : Normal
Target Milestone: ---
Assignee: Rahul Jain
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/412989/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-27459:6.7:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2024-07-08 12:38 UTC by SMASH SMASH
Modified: 2024-07-08 12:42 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Camila Camargo de Matos 2024-07-08 12:39:15 UTC 
As per [0]: "It's important to note that this issue is specific to Windows and is not all that easy to exploit".

Therefore, this bug will be closed as we are seemingly not affected by this vulnerability.

[0] https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/