CVE-2017-7522 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	A post-authentication remote DoS has been found in OpenVPN >= 2.4 and < 2.4.3, allowing a client to crash a server by sending a crafted certificate with an embedded NUL character. The issue requires the OpenVPN server to be built against mbedtls and to use the --x509-track option.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-319	openvpn	2.4.2-1	2.4.3-1	Medium	Not affected

References
https://github.com/OpenVPN/openvpn/commit/426392940c