Not a user yet?
Log in Register for free Suggest a product
Update

USN-7898-1: OpenVPN vulnerability

Ubuntu ServerUbuntu Server
Canonical

USN-7898-1: OpenVPN vulnerability

Publication date: 27 November 2025
Overview: OpenVPN could allow unintended access to network services.

Packages

  • openvpn - virtual private network software

Details
Joshua Rogers discovered that OpenVPN incorrectly handled HMAC verification
checks. A remote attacker could possibly use this issue to bypass source IP
address validation.

Update instructions

After a standard system update you need to reboot your computer to make all the necessary changes.

The problem can be corrected by updating your system to the following package versions:

25.10 questing

  • openvpn – 2.6.14-2ubuntu1.1

25.04 plucky

  • openvpn – 2.6.14-0ubuntu0.25.04.3

24.04 LTS noble

  • openvpn – 2.6.14-0ubuntu0.24.04.3
More updatesTo the product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Receive Important Update Messages Stay tuned for upcoming Canonical updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad