CVE-2024-28882 Information

Description

OpenVPN 2.6.10 and earlier in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session

Reference

https://community.openvpn.net/openvpn/wiki/CVE-2024-28882 https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07634.html