OpenVPN fixed several vulnerabilities that could be exploited by remote attackers, the flaws were not detected in a recent audit. Many flaws were found but some vulnerabilities were not spotted by the experts. The vulnerabilities were fixed in the OpenVPN 2.4.3 and 2.3.17 releases. The most severe issue is a Remotely-triggerable ASSERT() on malformed IPv6 packet bug that can be exploited to remotely shut down an OpenVPN server or client. The second flaw is a potential double-free in x509-alt-username option on OpenSSL builds with an extension.”]
Source: https://securityaffairs.co/wordpress/60341/hacking/openvpn-flaws.html