CVE-2024-10934

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 15, 2024

CWE ID 415

Summary

CVE-2024-10934 is a vulnerability affecting OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021. This issue involves potential mbuf double free in the NFS (Network File System) client and server implementation. An attacker could exploit this vulnerability by manipulating network traffic to trigger the double free condition. Additionally, there is an uninitialized variable issue in the error handling of the NFS server, which may lead to unpredictable behavior or information disclosure. Both of these vulnerabilities pose a significant security risk and should be addressed promptly by applying the relevant erratas.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

OpenBSD

Affected Vendors

OpenBSD Project

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners