CLSA-2025-1744710425

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1744710425.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1744710425
Upstream
Published
2025-04-15T14:17:48Z
Modified
2026-06-04T09:45:26.697407503Z
Summary
Fix CVE(s): CVE-2024-5594
Details
  • SECURITY UPDATE: Improper PUSH_REPLY sanitization allows attackers to inject arbitrary data into third-party executables
    • debian/patches/CVE-2024-5594.patch: Properly handle null bytes and invalid characters in control
    • CVE-2024-5594
  • UPDATE CERTIFICATES: Renew sample keys
    • debian/patches/sample-keys-renew.patch: Renew sample keys for 10 years
References

Affected packages

TuxCare:Ubuntu:18.04 / openvpn

Package

Name
openvpn
Purl
pkg:deb/tuxcare/openvpn?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.4-2ubuntu1.7+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1744710425.json"