ALAS-2020-1410 --- openvpn
|ID: oval:org.secpod.oval:def:1601170||Date: (C)2020-07-31 (M)2020-07-31|
|Class: PATCH||Family: unix|
This security issue is quite hard to abuse, requiring a fairly precise timing attack combined with guessing a just assigned peer-id reference. If successful, only a single client just initiating a new connection will experience a denial of service situation.
|Amazon Linux AMI|