CVE-2024-10934

Summary

In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server.

Affected Software

VendorProductVersion RangeStatus
OpenBSDOpenBSD7.5affected
OpenBSDOpenBSD7.4affected

Weaknesses

  • CWE-415: CWE-415 Double Free
  • CWE-457: CWE-457 Use of Uninitialized Variable

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References