FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenVPN -- avoid buffer overread parsing routes or endpoints

Affected packages
openvpn-devel < g20251117,1

Details

VuXML ID 50a0c266-c3ff-11f0-b513-0da7be77c170
Discovery 2025-10-18
Entry 2025-11-17

Mikhail Khachaiants reports:

socket: reject mismatched address family in get_addr_generic.

Add a family check to prevent copying address data of the wrong type, which could cause buffer over-read when parsing routes or endpoints.

[source]

References

CVE Name CVE-2025-12106
URL https://github.com/OpenVPN/openvpn/commit/f1b851dae60eb1e277315dfe6265e3a58660b16a

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.