CVE-2018-9336 in OpenVPN and Slackware Products
Published on May 1, 2018

openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.

Vendor Advisory NVD

Products Associated with CVE-2018-9336

stack.watch emails you whenever new vulnerabilities are published in OpenVPN or Slackware Linux. Just hit a watch button to start following.

OpenVPN

Slackware Linux

Exploit Probability

EPSS

0.09%

Percentile

24.87%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-9336 in OpenVPN and Slackware ProductsPublished on May 1, 2018

Products Associated with CVE-2018-9336

Exploit Probability

CVE-2018-9336 in OpenVPN and Slackware Products
Published on May 1, 2018