CVE-2024-10934

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-10934
In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/021_nfs.patch.sig Patch
https://ftp.openbsd.org/pub/OpenBSD/patches/7.5/common/008_nfs.patch.sig Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:-:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_001:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_002:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_003:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_004:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_005:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_006:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_007:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_008:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_009:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_010:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_011:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_012:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_013:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_014:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_015:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_016:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_017:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_018:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_019:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_020:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:-:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:errata_001:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:errata_002:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:errata_003:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:errata_004:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:errata_005:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:errata_006:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:errata_007:*:*:*:*:*:*
History

02 Oct 2025, 15:15

Type Values Removed Values Added
CWE CWE-457

04 Sep 2025, 23:49

Type Values Removed Values Added
First Time Openbsd openbsd
Openbsd
References () https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/021_nfs.patch.sig - () https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/021_nfs.patch.sig - Patch
References () https://ftp.openbsd.org/pub/OpenBSD/patches/7.5/common/008_nfs.patch.sig - () https://ftp.openbsd.org/pub/OpenBSD/patches/7.5/common/008_nfs.patch.sig - Patch
CPE cpe:2.3:o:openbsd:openbsd:7.5:errata_001:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_001:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_015:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:errata_003:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_010:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_013:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_020:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_016:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:-:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_012:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_019:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_017:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_009:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:errata_002:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_006:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_002:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:errata_007:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_005:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_004:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_007:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_008:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:errata_005:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:-:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_018:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_011:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:errata_004:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_014:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.5:errata_006:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:7.4:errata_003:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
Information

Published : 2024-11-15 20:15

Updated : 2025-10-02 15:15

NVD link : CVE-2024-10934

Mitre link : CVE-2024-10934

CVE.ORG link : CVE-2024-10934

JSON object : View

Products Affected

openbsd

  • openbsd
CWE
CWE-415

Double Free

CWE-457

Use of Uninitialized Variable