CVE-2013-2061
OpenVPN < 2.3.0 - Information Exposure via Timing Attack on HMAC Comparison
Title source: llmDescription
The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher.
References (10)
Core 10
Core References
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105568.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105609.html
Vendor Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2013-11/msg00012.html
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=960192
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/05/06/6
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:167
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2013-11/msg00016.html
Issue Tracking x_refsource_confirm
https://bugs.gentoo.org/show_bug.cgi?id=468756
Exploit, Patch x_refsource_confirm
https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee
Third Party Advisory x_refsource_confirm
https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc
Scores
EPSS
0.0281
EPSS Percentile
84.8%
Details
CWE
CWE-200
Status
published
Products (16)
opensuse/opensuse
11.4
openvpn/openvpn
1.2.0
openvpn/openvpn
1.2.1
openvpn/openvpn
1.3.0
openvpn/openvpn
1.3.1
openvpn/openvpn
1.3.2
openvpn/openvpn
1.4.0
openvpn/openvpn
1.4.1
openvpn/openvpn
1.4.2
openvpn/openvpn
1.4.3
... and 6 more
Published
Nov 18, 2013
Tracked Since
Feb 18, 2026