The better VPN providers are handling this already. I am pasting a link to one of my providers (AirVpn) because a few posts down in the thread it shows what the fix is in "code", just in case anyone is interested in studying this. https://airvpn.org/topic/12783-denial-of-service-vulnerability-in-openvpn-servers/