CVE-2017-7478

OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.

Date published : 2017-05-15

http://www.securityfocus.com/bid/98444

https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits