CVE-2009-5009

Publication date 14 October 2010

Last updated 17 July 2025

Ubuntu priority

Medium

Why this priority?

Description

Double free vulnerability in OpenConnect before 1.40 might allow remote AnyConnect SSL VPN servers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted DTLS Cipher option during a reconnect operation.

Status

Package Ubuntu Release Status
openconnect 10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release

References

Other references

Access our resources on patching vulnerabilities