OpenVPN could allow unintended access to network services.
Software Description:
- openvpn: virtual private network software
Details:
Joshua Rogers discovered that OpenVPN incorrectly handled HMAC verification
checks. A remote attacker could possibly use this issue to bypass source IP
address validation.
The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 openvpn 2.6.14-2ubuntu1.1 Ubuntu 25.04 openvpn 2.6.14-0ubuntu0.25.04.3 Ubuntu 24.04 LTS openvpn 2.6.14-0ubuntu0.24.04.3 After a standard system update you need to reboot your computer to make all the necessary changes.
https://ubuntu.com/security/notices/USN-7898-1
CVE-2025-13086
Get the latest Linux and open source security news straight to your inbox.