OpenVPN Denial-of-Service Vulnerability via Improper Packet Length Validation in tls-crypt-v2 Key Extraction

Vulnerability

A denial-of-service vulnerability has been identified in OpenVPN versions 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1. The issue arises from improper validation of packet length during the tls-crypt-v2 key extraction process, allowing authenticated attackers to trigger a fatal assertion and cause a crash by sending a specially crafted packet.

Impact

Exploitation of this vulnerability leads to a fatal assertion failure, causing a crash and denial-of-service condition on the affected system.

Added: Jun 8, 2026, 8:24 PM

Updated: Jun 8, 2026, 8:24 PM

Vulnerability Rating

Custom Algorithm

spread

7.6

impact

2.5

exploitability

5.4

remediation

0.0

relevance

9.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.6

impact

2.5

exploitability

5.4

remediation

0.0

relevance

9.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OpenVPN Denial-of-Service Vulnerability via Improper Packet Length Validation in tls-crypt-v2 Key Extraction

Vulnerability

Impact

Affected Products

OpenVPN

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating