GCVE-VVD-MAGEIA-2017-152 — Vulnetix

GCVE-VVD-MAGEIA-2017-152

Advisory Published

Vulnetix · Advisory published June 1, 2017

It was discovered that OpenVPN improperly triggered an assert when receiving an oversized control packet in some situations. A remote attacker could use this to cause a denial of service (server or client crash) (CVE-2017-7478). It was discovered that OpenVPN improperly triggered an assert when packet ids rolled over. An authenticated remote attacker could use this to cause a denial of service (application crash) (CVE-2017-7479).

Download JSON Open in Console

Affected Products

Vendor	Product	Versions	Platforms
Mageia	openvpn	0 (affected), 2.3.16-1.mga5 (unaffected)	—

Aliases

CVE-2017-7478 CVE-2017-7479

Transitive aliases

SUSE-SU-2017:1622-1 GHSA-3wwj-66cm-595v CNVD-2017-07556 SUSE-SU-2017:1718-1 EUVD-2017-16499 SUSE-SU-2017:2838-1 GSD-2017-7478 GHSA-qhqf-49x5-89w6 EUVD-2017-16500

References

Updated openvpn packages fix security vulnerability

advisory

Updated openvpn packages fix security vulnerability

issue

Updated openvpn packages fix security vulnerability

issue

Updated openvpn packages fix security vulnerability

advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON

$ Console Community · 100/wk Open console ›