CVE-2024-10934 — CRITICAL (9.8)

Q: How severe is CVE-2024-10934?

CVE-2024-10934 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2024-10934?

Check the references section above for vendor advisories and patch information. Affected products include: Openbsd Openbsd.

Vulnerability Description

In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Openbsd	Openbsd	< 7.4

Related Weaknesses (CWE)

CWE-457 CWE-415

References

FAQ

What is CVE-2024-10934?

CVE-2024-10934 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS...

How severe is CVE-2024-10934?

CVE-2024-10934 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2024-10934?

Check the references section above for vendor advisories and patch information. Affected products include: Openbsd Openbsd.