]> git.feebdaed.xyz Git - 0xmirror/openvpn.git/commit
projects / 0xmirror / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5ab76ad) | patch
socket: reject mismatched address family in get_addr_generic
authorMikhail Khachaiants <mkhachaiants@gmail.com>
Sat, 18 Oct 2025 08:42:31 +0000 (11:42 +0300)
committerGert Doering <gert@greenie.muc.de>
Mon, 17 Nov 2025 09:08:36 +0000 (10:08 +0100)
commitf1b851dae60eb1e277315dfe6265e3a58660b16a
tree1b423e78f07050438efa891b23a1bc976e8d757btree | snapshot
parent5ab76ad9ec0b45874f49f04d4203fc5912fd55a8commit | diff
socket: reject mismatched address family in get_addr_generic

Add a family check to prevent copying address data of the wrong type,
which could cause buffer over-read when parsing routes or endpoints.

CVE: 2025-12106

Github: OpenVPN/openvpn-private-issues#77

Signed-off-by: Mikhail Khachaiants <mkhachaiants@gmail.com>
Acked-By: Gert Doering <gert@greenie.muc.de>
Signed-Off-By: Gert Doering <gert@greenie.muc.de>
src/openvpn/socket.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.