Home > Vulnerability Database > CVE-2024-10934

Mend.io Vulnerability Database

CVE-2024-10934

Date: November 15, 2024

In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server.

Language: C

Severity Score

9.8

Related Resources (4)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-10934

Url: https://ftp.openbsd.org/pub/OpenBSD/patches/7.5/common/008_nfs.patch.sig

Url: https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/021_nfs.patch.sig

Url: https://www.mend.io/vulnerability-database/CVE-2024-10934

Severity Score

9.8

Weakness Type (CWE)

Double Free

CWE-415

Use of Uninitialized Variable

CWE-457

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2024-10934

Date: November 15, 2024

Language: C

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?