Security Advisory

CVE-2025-3908

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-19 14:59:08

Last updated 2025-05-20 18:04:08

Assigner OpenVPN

State PUBLISHED

Description

The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory which will change the ownership and permissions of that destination directory.

← Browse all CVEs View on cve.org ↗