CLSA-2025-1744727573

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1744727573.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2025-1744727573

Upstream

CVE-2024-5594

Published

2025-04-15T14:32:58Z

Modified

2026-06-04T09:46:47.803967548Z

Summary

Fix CVE(s): CVE-2024-5594

Details

* SECURITY UPDATE: Improper PUSH_REPLY sanitization allows attackers
  to inject arbitrary data into third-party executables
  - debian/patches/CVE-2024-5594.patch: Properly handle null bytes
    and invalid characters in control
  - CVE-2024-5594

References

https://errata.cloudlinux.com/ubuntu16-els/CLSA-2025-1744727573.html

Affected packages

TuxCare:Ubuntu:16.04 / openvpn

Package

Name: openvpn
Purl: pkg:deb/tuxcare/openvpn?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.10-1ubuntu2.2+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1744727573.json"