CVE-2018-9336 — HIGH (7.8) — White Hats Nepal

Q: How severe is CVE-2018-9336?

CVE-2018-9336 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-9336?

Check the references section above for vendor advisories and patch information. Affected products include: Openvpn Openvpn, Slackware Slackware Linux.

Vulnerability Description

openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.

CVSS Score

7.8

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Openvpn	Openvpn	>= 2.4.0, < 2.4.6
Slackware	Slackware Linux	13.0

Related Weaknesses (CWE)

CWE-415

References

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackMailing ListThird Party Advisory
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24Release NotesVendor Advisory
https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e7PatchThird Party Advisory
https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6Release NotesThird Party Advisory
https://www.tenable.com/security/research/tra-2018-09ExploitThird Party Advisory
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackMailing ListThird Party Advisory
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24Release NotesVendor Advisory
https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e7PatchThird Party Advisory
https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6Release NotesThird Party Advisory
https://www.tenable.com/security/research/tra-2018-09ExploitThird Party Advisory

FAQ

What is CVE-2018-9336?

CVE-2018-9336 is a vulnerability with a CVSS score of 7.8 (HIGH). openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. T...

How severe is CVE-2018-9336?

CVE-2018-9336 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-9336?

Check the references section above for vendor advisories and patch information. Affected products include: Openvpn Openvpn, Slackware Slackware Linux.