{"id":"CVE-2018-9336","details":"openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.","modified":"2026-03-20T11:26:52.355424Z","published":"2018-05-01T18:29:00.697Z","related":["MGASA-2018-0329","SUSE-SU-2018:1888-1","openSUSE-SU-2024:11128-1"],"references":[{"type":"ADVISORY","url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.568761"},{"type":"ADVISORY","url":"https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24"},{"type":"ADVISORY","url":"https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6"},{"type":"FIX","url":"https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b"},{"type":"EVIDENCE","url":"https://www.tenable.com/security/research/tra-2018-09"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openvpn/openvpn","events":[{"introduced":"307abe7b32e951ece58c7964b3fa72536aee6724"},{"fixed":"b3a7f452206607fb23d5cea76339dfb164c283f2"},{"fixed":"1394192b210cb3c6624a7419bcf3ff966742e79b"}],"database_specific":{"versions":[{"introduced":"2.4.0"},{"fixed":"2.4.6"}]}}],"versions":["v2.4.0","v2.4.1","v2.4.2","v2.4.3","v2.4.4","v2.4.5"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-9336.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"13.0"}]},{"events":[{"introduced":"0"},{"last_affected":"13.1"}]},{"events":[{"introduced":"0"},{"last_affected":"13.37"}]},{"events":[{"introduced":"0"},{"last_affected":"14.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.1"}]}],"vanir_signatures":[{"digest":{"length":1801,"function_hash":"76249174896798077986787021284902443957"},"source":"https://github.com/openvpn/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b","id":"CVE-2018-9336-6f6cb009","deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"function":"GetStartupData","file":"src/openvpnserv/interactive.c"}},{"digest":{"line_hashes":["289438739866009732693574682006466857681","321565621241284017888958497464079295163","195788173835312840708182270129385780967","157149519107656280786448143671546800758","330594636882758798577265977046886899589","61946047064732831183916419652892674079","73819516014268841906567609661453268985","53477928483126425049698987735296952292","160457593547376328576023042434816934222","102247858346367447205334963596539921621","37760868789385960205315602176273650548","53416876412599990887617656792587425944","231052184390747051670143023779207169899","82101472118118567585578736071106229258","306507218426212718522252431219043743649","2766319541782805131682120927575304148","110753385165441245116358304053334545450","290008412599615179597160777647644121426","197093618283534262316211851307390296078","231838072196818321118202676689277965807","163136148559021466918701586049456598696","57652015971833478580836840077705432245","188431597377538567314213316948483171797","45804946495876171431938301213448644363","35490655318343064911912676930636225462","189921561168834180170229040099364593666","234424307210144426171304176440220006390","60869185759417503061368576737633381064","106049124931381612333091018629992720739","148025771116657418264690920352564529771","184864002078368697997805638241742679035","230318638235804652942591183825937822078","243422924903089937958313966285867213026","297557170468421667846869797139637183819","34671599296192400017110588308363004350","292353436963983896055666031584247941394","61570016092430263203832958639438681880","141441711254298611049517417527928691692","120353406661613926063927761543085251023","293785784376869473936078925543400440146","125496552704587362904006732753252071462"],"threshold":0.9},"source":"https://github.com/openvpn/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b","id":"CVE-2018-9336-b726e6c2","deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"src/openvpnserv/interactive.c"}}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}